Jamf Connect + Okta + Shared Device No Filevault

KatMaerz517
New Contributor II

Setup
iMac M1 or MB Pro, mainly iMacs

Okta is the IDP

Jamf Connect was deployed using FV, but we learned the limited scope of users

1. Created Smart Group for these iMacs and added my one test unit to it

2. Excluded the Smart Group from anything to do with Jamf Connect + File Vault

3. Cloned the Config profile for Login, removed File Vault

4. Removed the FV Escrow Key 

5. Reviewed all profiles/policies assigned to these devices. NOTHING has FV enabled

6. Wiped the drive

7. Rebooted, Okta login. Log in with User 1, who happens to be an admin upon log in (Based on my department, Engineering.)

8. Rebooted, Logged in as user 2

9  Rebooted, logged in as user 3

10. Rebooted. still no FV login screen ONLY Okta login screen. Logged in as user 4

11. Rebooted, logged in as user 5. Verified FV is off in the system preferences 

12. Pulled up the device in Jamf Pro, noticed it says FileVault 2 Enabled Users: User1

13. That is strange....   also noticed there is a  Device Recovery Key and Personal Recovery Key

14. Again, that's strange..  FV Is disabled

15. Rebooted

16. Logged in as User 6, Okta push goes to my phone for OKta Verify. Screen appears to be logging in, screen refreshes. 

17. Okta shows successful authentication User single sign on to app success

18. I can log in as user 1-5, but not 6 even though FV is disabled.

Any clues?

0 REPLIES 0