Question

Users with secure tokens enabled do not appear at the login window

  • July 23, 2019
  • 3 replies
  • 8 views


After a MBP finishes User Initiated Enrollment and new users are granted a secure token with sysadminctl, they don't appear as a login option on an encrypted drive. My understanding is that I can enable or disable STs to control user options on the login screen. Am I missing something else?

3 replies

  • Valued Contributor
  • July 23, 2019

Have you read this blog post by Rich Trouton? https://derflounder.wordpress.com/2018/01/20/secure-token-and-filevault-on-apple-file-system/

Accounts created with a script/command line do not have a ST, and to grant one, the account must have one.
Are you using a policy in Jamf or doing so within System Preferences?


  • Contributor
  • July 23, 2019

We had run into this issue with our computers that were bound to AD. The users were granted a secure token, but then didn't appear on the initial boot screen. By running sudo diskutil apfs updatePreboot / in Terminal we were able to resolve this issue.

And I will second @mlizbeth's recommendation to read Rich Trouton's blog. There is a wealth of information there!


  • Author
  • Contributor
  • July 24, 2019

I have read Rich's excellent post on this, and then some. I should have read the comments too. sudo diskutil... worked like a charm. Thank you, this saves my entire summer. I would say beers at Grumpy's but, alas, it's gone.
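
The fix from this thread as a post-enrollment script, added here as an example and not code from any poster: it confirms that at least one of the named accounts holds a secure token before refreshing the Preboot volume. The function names are hypothetical, and the script assumes `sysadminctl -secureTokenStatus` reports "Secure token is ENABLED for user ..." on stderr.

```shell
#!/bin/sh
# Added example: verify secure tokens, then refresh the APFS Preboot volume.
# Run with root privileges (the thread's command uses sudo).

# Return 0 if a sysadminctl status message says the token is enabled.
# Assumption: the message contains "Secure token is ENABLED".
token_enabled() {
    case "$1" in
        *"Secure token is ENABLED"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Query one account. sysadminctl writes its result to stderr, so merge it.
token_status() {
    sysadminctl -secureTokenStatus "$1" 2>&1
}

# Print, one per line, the accounts among the arguments that hold a token.
users_with_token() {
    for u in "$@"; do
        if token_enabled "$(token_status "$u")"; then
            echo "$u"
        fi
    done
}

# Refresh Preboot only when a token holder exists. Otherwise the missing
# login entry has a different cause (no token was granted), so report that
# and return non-zero instead of masking it.
refresh_preboot_if_needed() {
    holders=$(users_with_token "$@")
    if [ -z "$holders" ]; then
        echo "no secure token holders among: $*" >&2
        return 1
    fi
    echo "token holders: $holders" >&2
    diskutil apfs updatePreboot /
}

# Usage: ./refresh_preboot.sh user1 user2 ...
if [ "$#" -gt 0 ]; then
    refresh_preboot_if_needed "$@"
fi
```

A non-zero exit means either no listed account holds a token or `diskutil` itself failed, so a management policy can flag the machine for follow-up.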