Jamf Nation Community

tcandela · ‎11-26-2014

How exactly is FV2 disk encryption configuration supposed to work?

i want each user that logs in to be prompted to enter their password to be FV enabled
is this possible? I only seen this happen once for the first user, afterwards I had to go ENABLE each additional user manually.

I have Require FileVault 2 Require users to enable FileVault 2 based on one of the following events
AT NEXT LOGOUT

what should the policies trigger and execution frequency be ? (i have it on logout and ongoing)

rtrouton · ‎11-26-2014

Casper's FileVault 2 management uses Apple's fdesetup tool. Understand fdesetup, and you'll understand how Casper's FileVault management works.

I have a post on fdesetup on Mavericks available here and the same capabilities are available in Yosemite's fdesetup tool*:

http://derflounder.wordpress.com/2013/10/22/managing-mavericks-filevault-2-with-fdesetup/

*Yosemite added one additional capability to the deferred enablement options, but that option is currently broken as of 10.10.1:

https://jamfnation.jamfsoftware.com/discussion.html?id=12620

View solution in original post

gachowski · ‎11-26-2014

I have a 1st log-in script that has a trigger/event that calls policy that is set to custom (once per computer and At next log in). With 9.6.1 and Mac OS X.10 it's Zero touch. The user logs in the script runs and then auto reboots the machine. On the user next log-in the the OS pop up a window tell the user they must encrypt they drive.

It doesn't as for the users password as it just got it during the log in and they user can't override it : ) the cancel button just reboots to the same same pop up : )

Big improvement in X.10 and 9.6

C

rtrouton · ‎11-26-2014