Help

Effects of Filevault Configuration profiles on machines with Encryption already enabled

jclark27
New Contributor III

‎10-06-2022 08:22 AM - edited ‎10-06-2022 08:23 AM

Hey all, here's a question.

We are transitioning from utilizing our DEP Notify provisioning script to enable filevault, to instead use configuration profiles to manage/enable filevault.

If we enabled the config profile to enforce fielvault on next login and scoped it to machines, should I ensure to not scope it to a machine with FV already turned on and enabled? I would assume this could cause some weirdness with the profile. Obviously I would test with a few machines, but just wondering before we started.

Thanks for any answers!

0 Kudos
1 REPLY 1

Tribruin
Valued Contributor II

Posted on ‎10-06-2022 11:18 AM

It won't cause any problem to scope your profile to machines with FileVault already enabled. In fact, it is a good thing to do anyway. With the profile installed, the user is unable to turn it off. 

0 Kudos