Decrypting/adding user to Filevault locked Mac [previous enabled user has left, without password]

EmDee
New Contributor III

Hi all

We have a slight problem.

  1. We have a machine that had FV2 enabled - for some reason our job to enable our admin account on this machine failed, so the only account enabled was the user's account

  2. The user has left the company, their machine has been restarted/moved, now we can't get in as the only FV2 enabled account is theirs, and a password change will not take effect until after the machine decrypts

What are my options? I have the key stored in the JSS. I have tried to cd to the machine via TDM in Terminal and add a user using fdesetup - but this only seems to work with my machine, not the machine connected via TDM - I feel this should work but I'm doing something wrong somehow. I literally cd to the machine from /Volumes/, however any command I run from there, e.g. ls, will return a list for the directory on MY machine, so I have to use the full path despite already being cd'd in, i.e. ls /Users/TDMmac/

As far as I know there isn't an equivalent with fdesetup, and fdesetup doesn't work from Recovery mode...

I really don't want to have to wipe it...


dcgagne
Contributor

If you have a valid recovery key you should be able to use the key to reset the existing account to make any administrative changes to the device. From HT202860:

  1. At the login screen, keep entering a password until you see a message saying that you can reset your password using your Recovery Key. If you don't see the message after three attempts, FileVault isn't on.
  2. Click the arrow next to the message. The password field changes to a Recovery Key field.
  3. Enter your Recovery Key. Use uppercase characters, and include the hyphens.
  4. Follow the onscreen instructions to create a new password, then click Reset Password when done.
  5. Determine whether to create a new login keychain.
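Step 3 above trips people up when the key is copied out of an MDM record: stray whitespace, lowercase letters or missing hyphens all make the login screen reject it. The script below is an added example (not from either poster, Apple or Jamf) that normalizes a personal recovery key into the uppercase, hyphenated form before it is typed at the pre-boot screen, and rejects anything that is not 24 alphanumeric characters. It assumes the common six-groups-of-four key layout (XXXX-XXXX-XXXX-XXXX-XXXX-XXXX); the sample key is constructed. The second function simply wraps `fdesetup list`, which is the quickest way to confirm which accounts are actually FileVault-enabled before trusting a policy that was supposed to add the admin user.

```shell
#!/bin/sh
# Added example, not code from the thread or from Apple/Jamf.
# Assumes the 24-character, six-group personal recovery key layout.

# Normalize a pasted recovery key: strip whitespace and hyphens, uppercase,
# validate length/charset, then re-insert a hyphen after every 4 characters.
# Prints the canonical key on success, returns 1 on a malformed key.
normalize_recovery_key() {
    raw=$(printf '%s' "$1" | tr -d ' \t\n-' | tr '[:lower:]' '[:upper:]')

    # Reject empty input or anything outside A-Z / 0-9.
    case "$raw" in
        ''|*[!A-Z0-9]*) return 1 ;;
    esac

    # The personal recovery key is 24 characters once hyphens are removed.
    if [ "${#raw}" -ne 24 ]; then
        return 1
    fi

    # Group into blocks of four, dropping the trailing hyphen sed leaves behind.
    printf '%s\n' "$raw" | sed 's/\(....\)/\1-/g; s/-$//'
}

# Show which local accounts are FileVault-enabled on the *booted* system.
# fdesetup only reports on the volume macOS booted from, which is why running
# it while cd'd into a Target Disk Mode volume describes the wrong machine.
list_fv_users() {
    command -v fdesetup >/dev/null 2>&1 || return 1
    sudo fdesetup list
}

# Usage with a constructed sample key (lowercase, a space, one hyphen missing):
# normalize_recovery_key 'abcd-efgh ijkl-mnop-qrst-uvwx'
#   -> ABCD-EFGH-IJKL-MNOP-QRST-UVWX
```

Run the normalizer against the key string stored in the JSS and type the printed value at the recovery-key prompt; a non-zero exit means the stored value is not a usable personal recovery key and the escrow record needs checking before anyone wipes the machine.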