Skip to main content
Answer

Wifi authentication and FileVault 2 Encrypted Machines

  • November 22, 2014
  • 4 replies
  • 65 views
mvught
Forum|alt.badge.img+9

We have a problem with our current Wifi authentication and FileVault 2 Encrypted Machines: Our laptop users log in with a domain account and password and our wifi is applied via a configuration profile and authenticated with certificates and the domain credentials at login. On non-encryptd machines this works fine.

On encrypted machines our authentication to the wifi fails since it seems that the EFI must be unlocked first before you can authenticate. If we login from the FileVault2 login, logout of the account to the standard login window and then login again the authentication works fine.

Has anybody else experienced this or have any ideas on why this may be happening?

Best answer by CGundersen

Not sure if this will get you closer?:

http://support.apple.com/en-us/HT202842

sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES

    4 replies

    W
    Forum|alt.badge.img+6
    • WUSLS
    • Contributor
    • November 23, 2014

    I am have a similar configuration as well. Any input on the above would be great! We won't have any unmanaged machines in my environment, however we just resolved this in our Windows systems. Anyway, any thoughts would be greatly appreciated.

    P
    Forum|alt.badge.img+14
    • perrycj
    • Valued Contributor
    • November 24, 2014

    This is more of a guess and kind of what I did when I had FV2 and Enterprise WiFi at a past job. Can you hardcode the network SSID and it's certificate that you want them to connect to into the user template? Therefore the network is there automatically and once they log in they would just authenticate to connect because their user account is enabled to unlock the disk for FV2. This worked for me in the past on 10.8 and 10.9.

    You could probably hardcode it into the user template folder, and/or into your image.

    C
    Forum|alt.badge.img+14
    • CGundersen
    • Contributor
    • Answer
    • November 24, 2014

    Not sure if this will get you closer?:

    http://support.apple.com/en-us/HT202842

    sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES
    mvught
    Forum|alt.badge.img+9
    • mvught
    • Author
    • Contributor
    • November 24, 2014

    I had a chat with @rtrouton and it works like a charm!! Thanks a lot rtrouton

    I followed the instructions at the following link to disable automatic login after the boot screen. http://support.apple.com/kb/HT5989

    And the following scripts are running after the encryption policy
    https://github.com/golbiga/Scripts/tree/master/DisableFDEAutoLogin

    Terms & ConditionsCookie settingsAccessibility statement