We have the policy to enable our local admin/management account with FileVault however recently it's stopped working and we're unsure why. Is it required to log in to the account before it can be recognized by the command?
I've attached the flow of the policy below.
Yeah welcome to the not-so-fun club. Its fairly complex at times. But essentially here's what we do:
1) Make sure techs who are imaging machines create the same account for the first account
2)During the imaging process we have the first account turn on the SecureToken for the management account
3)When an AD user logs in, they are prompted for their password and they are also give a secure token so they can log in
The reading in the firs thread is crucial to the learning process.