Posted on 02-26-2021 06:35 AM
Hi,
I have JamfConnect working with Azure AD, but as soon as I deploy a policy to enable FileVault and escrow keys to the Jamf server to the machines, it breaks AD Azure connectivity. A reboot shows the standard Mac login screen, and if I log off the user I get a broken Azure AD screen.
I've tried deploying FileVault first, then JamfConnect, but I get the same problems.
Any ideas? Regards,
Posted on 02-26-2021 06:53 AM
@robbo007 Enabling FileVault will always cause the display of the FileVault login screen on macOS Catalina since you're not booting into macOS after that, but booting into an intermediate stage where FileVault will display the accounts enabled to unlock the drive, and you have to authenticate with one of those before proceeding to boot macOS.
Posted on 03-01-2021 05:10 AM
Ahh ok, so what's the best practice for using Azure AD authentication and FileVault then? Because if I do a logout once authenticated with FileVault, I can't then authenticate with Azure as the integration seems broken.
Posted on 03-01-2021 06:10 AM
If you log out you should see the Jamf Connect Login screen. If not, something is broken with the JCL. While logged in, try going into Terminal and running /usr/local/bin/authchanger -reset -JamfConnect and see if that brings the Jamf Connect Login screen back.
If you want to ensure the user sees the JCL screen after initial boot and/or restart, make sure you set the DenyLocal setting to true in your Jamf Connect Login profile. With that the user experience will be FileVault login -> Azure Login -> Local password validation.
Posted on 03-01-2021 07:05 AM
Ok, thanks. I'll try that. Is that the best practice if you're using JamfConnect with Azure? FileVault login -> Azure Login -> Local password validation?
Posted on 03-01-2021 07:33 AM
Ok, that works great. Thanks.