Skip to main content

Hello Jamf Nation Community.

Our School is a new Customer of JamF. Our JumpStart is scheduled for early Jan. As the Sys Admin I am very excited to finally be able to play with Casper.
Hoping someone in the Community can help me. I am struggling with Decrypting FV2 using an Institutional Key.

  • I am using Apple Profile Manager as the MDM (until Casper is rolled out).
  • The Keychain gets pushed out to the OSX client via the MDM.
  • The drive Encrypts with no issues.
  • Drive unlocks using the Admin account.
  • Boot to Terminal and run the 'security unlock-keychain /path/to/Filevault.keychain' command. *Error 'The Specified Keychain could not be found'.
  • Boot to OSX and unlock Keychain - 'The username or passphrase you entered is not correct'.
    • i know it seems obvious what the issue is.
  • Go back to OSX server where the Keychain was created, run the same command (above) Keychain unlocks no problems.

It appears as the Keychain/Encryption is pushed out via the MDM it gets corrupt. That or I am doing something really wrong.

Has anyone experienced this before?

Cheers,
A.

Look over these instructions. They may help you:

[https://derflounder.wordpress.com/2011/11/23/using-the-command-line-to-unlock-or-decrypt-your-filevault-2-encrypted-boot-drive/](link URL)

Terms & ConditionsCookie settingsAccessibility statement