Enabling a FV user via Configuration Profile?

wstewart3
New Contributor III

I am working on pushing out an account via a policy. I would like for this user to be a FileVault 2 user. When looking at the "Enable user for FileVault 2" there is an "i". It states:

"As of macOS 10.13, you cannot use this method to enable a user for FileVault. For macOS 10.13 and later, you can use a script or configuration profile to enable a user for FileVault."

I am trying how to do this via a configuration profile. None of the settings seem to allow this. Can someone point me to how to properly do this?

3 REPLIES 3

joelsenders
New Contributor III

I'm not sure why it says that... because the best way to deploy FileVault for macOS 10.13+ is via policy. Also, there are reports that FileVault is not enabling on logout in 10.15. I have it done on log in so not an issue for me.

joelsenders
New Contributor III

... And reading it again, it says you can't use a configuration profile to "enable a user" for FileVault. Looks like a secure token thing.

wstewart3
New Contributor III

I am currently using a script that passes the username/password of a local admin account using parameters. I guess this will do!