Posted on 06-24-2022 11:24 PM
Setup
iMac M1 or MB Pro, mainly iMacs
Okta is the IDP
Jamf Connect was deployed using FV, but we learned the limited scope of users
1. Created Smart Group for these iMacs and added my one test unit to it
2. Excluded the Smart Group from anything to do with Jamf Connect + FileVault
3. Cloned the Config profile for Login, removed FileVault
4. Removed the FV Escrow Key
5. Reviewed all profiles/policies assigned to these devices. NOTHING has FV enabled
6. Wiped the drive
7. Rebooted, Okta login. Logged in with User 1, who happens to be an admin upon login (based on my department, Engineering).
8. Rebooted, logged in as user 2
9. Rebooted, logged in as user 3
10. Rebooted. Still no FV login screen, ONLY Okta login screen. Logged in as user 4
11. Rebooted, logged in as user 5. Verified FV is off in the system preferences
12. Pulled up the device in Jamf Pro, noticed it says FileVault 2 Enabled Users: User1
13. That is strange... Also noticed there is a Device Recovery Key and Personal Recovery Key
14. Again, that's strange. FV is disabled
15. Rebooted
16. Logged in as User 6, Okta push goes to my phone for Okta Verify. Screen appears to be logging in, screen refreshes.
17. Okta shows successful authentication User single sign on to app success
18. I can log in as user 1-5, but not 6 even though FV is disabled.
Any clues?