Automatically add AD users to FileVault 2 enabled users


Does anyone have a good solution or workflow for adding additional Active Directory users to be enabled for FileVault 2 access to a local machine? Create a local user and it automatically gets added, but not an Active Directory user.


New Contributor III

+1 on this. I have a requirement from one of my colleges....

Legendary Contributor III

Not sure if there's a way to fully automate adding them in without some interaction, but if you have things set up just so, you may be able to do it in a scripted method that gets the account password as part of the process. Take a look at what @stevewood is doing in his environment on this thread. This is related to a domain move, but part of that is adding the AD account to the FV2 authorized list.

Honored Contributor II

I did a test rollout of that process with 4 users, and the only ones that had troubles were those that had a home folder named differently than their AD user name. So I have to go back and add in some testing/fixing for that. But otherwise, it worked great.