FileVault 2 enable user via script

tcandela
Valued Contributor II

I have a user account on some Macs that is not FileVault 2 enabled. Is there a script available that I can apply to these Macs that can enable that specific user account?

Macs are running 10.14.6

6 REPLIES

geoff_widdowson
Contributor II

I use this on a policy. You need to know a current FileVault-enabled user. Parameters 4 and 5 are an existing FV2-enabled account. Parameters 6 and 7 are the account you are making FV2 enabled.

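```bash
#!/bin/bash
# Jamf script parameters 4 and 5: an existing FV2-enabled account and its password
SECURE_TOKEN_USER=$4
SECURE_TOKEN_USER_PASS=$5
# Jamf script parameters 6 and 7: the account being FV2 enabled and its password
NEW_SECURE_TOKEN_USER=$6
NEW_SECURE_TOKEN_USER_PASS=$7

/usr/sbin/sysadminctl -adminUser "$SECURE_TOKEN_USER" -adminPassword "$SECURE_TOKEN_USER_PASS" -secureTokenOn "$NEW_SECURE_TOKEN_USER" -password "$NEW_SECURE_TOKEN_USER_PASS"
# Capture the exit status of sysadminctl
exitresult=$?
```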
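An added example, not part of the original thread or the poster's script: the same `sysadminctl -secureTokenOn` call wrapped with parameter validation and a before-and-after `-secureTokenStatus` check, so the policy fails visibly when the token was not granted. The function names, the return codes and the `SYSADMINCTL` override variable are assumptions made for this example, as is matching the word ENABLED in the status output.

```shell
#!/bin/bash
# Added example (not from the thread). Jamf passes its script parameters as $4-$7.
# SYSADMINCTL is an override hook assumed for this example so the logic can be tested.
SYSADMINCTL="${SYSADMINCTL:-/usr/sbin/sysadminctl}"

# Succeeds if the account already holds a secure token.
has_secure_token() {
    # The status line is written to stderr, hence 2>&1.
    "$SYSADMINCTL" -secureTokenStatus "$1" 2>&1 | grep -q "ENABLED"
}

# grant_secure_token ADMIN ADMIN_PASS TARGET TARGET_PASS
# Returns 0 granted/already present, 1 grant failed, 2 missing parameter, 3 admin lacks token.
grant_secure_token() {
    local admin="$1" admin_pass="$2" target="$3" target_pass="$4" value
    for value in "$admin" "$admin_pass" "$target" "$target_pass"; do
        [ -n "$value" ] || { echo "missing script parameter" >&2; return 2; }
    done
    # Only an account that already has a token can grant one.
    has_secure_token "$admin" || { echo "$admin has no secure token" >&2; return 3; }
    if has_secure_token "$target"; then
        echo "$target already has a secure token"
        return 0
    fi
    # Both passwords appear in the process arguments while this runs;
    # the command's output is discarded to keep the policy log quiet.
    "$SYSADMINCTL" -adminUser "$admin" -adminPassword "$admin_pass" \
        -secureTokenOn "$target" -password "$target_pass" >/dev/null 2>&1
    # Confirm the result rather than trusting the exit code alone.
    has_secure_token "$target" || { echo "token not granted to $target" >&2; return 1; }
    echo "secure token granted to $target"
}

# Run only when Jamf supplies all positional parameters ($1-$3 are Jamf's own).
if [ "$#" -ge 7 ]; then
    grant_secure_token "$4" "$5" "$6" "$7"
    exit $?
fi
```

A non-zero return makes the Jamf policy report a failure, which separates a wrong password from an account that already had its token.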

taylorducharme
New Contributor III

I run this through Self Service. It will grant them the secure token automatically. It will pull the current user's name in and just prompt for their password, so there is very little for the user to mess up.

tcandela
Valued Contributor II

@geoff.widdowson Hi there, thanks for answering.

So I have 2 current users; both accounts are administrators.

'User1' is enabled, 'User2' is not enabled.

I will have to know the passwords of both users?

geoff_widdowson
Contributor II

@tcandela Yes, on the script I use you need to know the password for both, so 'SECURE_TOKEN_USER_PASS=$5' is the password of the FV2-enabled account 'User1' and 'NEW_SECURE_TOKEN_USER_PASS=$7' is the password of the account you are adding to FV2, 'User2'. If your accounts have different passwords on each device, this script is not going to work.

tcandela
Valued Contributor II

@taylorducharme @geoff.widdowson Thanks for answering. This sucks, especially if you don't know any of the users' passwords but the account you want FV2 enabled.

shrisivakumaran
New Contributor III

Is there any way to enable FV2 for a second account (local admin account created via Jamf) with a script?