Jamf Nation Community

josh_miller · ‎11-14-2016

Hello,

I'm attempting to create a configuration profile for FileVault disk encryption and when attempting to do the FileVault disk encryption at logout it fails. If I manually start it, it seems to begin doing it but I would like the config profile to do it. If this isn't possible and I have to use a policy then so be it but I was hoping to use the config profile.

Thanks!

stevewood · ‎11-14-2016

@josh.miller the following blog post by @kitzy helped me get FV2 enabled via Config Profile to work perfectly:

How I Deploy FileVault 2

The only times I have trouble with that process is when I forget to put a restore partition on a machine I am redeploying. Other than that, I've had no problems with it.

josh_miller · ‎11-14-2016

Nice little guide however I have mine configured like his and when a user logs out and it asks them for their password to enable FileVault it then fails and tells me to enable it in Security and Privacy. Is that going to be the workflow for machines that are currently in the wild?

josh_miller · ‎11-14-2016

I have attached the error I get when attempting to add the user to FileVault and begin the encryption process.

stevewood · ‎11-14-2016

@josh.miller have you verified that the systems have a restore partition? What operating system are these failing on? And is it every machine, or only a handful?

josh_miller · ‎11-14-2016

I'm only testing right now and I have tried on both 10.11 and 10.12. Both have a recovery partition

hunter990 · ‎04-28-2017

I@josh.miller did you ever get any resolution to this. We are having the same issue with our systems here. FYI, for those that mentioned it, I do have recovery partitions. I am understanding it is looking for a cert. Trying to get further information on it.

Jamf Nation Community

FileVault Configuration Profile - 10.11 and 10.12