FileVault Removal on Mac

user-kUBTUwQZas
New Contributor II

Hello Nation,

I landed here because I am out of ideas and attempts for doing a thing.

I have a MacBook that was enrolled over Jamf against a user profile and after I removed the MDM for the device from JamfPro, re-imaged the mac, and created a fresh login on it. Every time I turn on the Mac it asks for the old/initial password to unlock the disk which I, unfortunately, don't have.
Is there a way to avoid this happening on this particular MacBook?

Also, please guide me if there are any steps to be followed either on the Client or on the MacBook physically, to avoid this happening on other machines as well?

Looking forward to having your valuable guidance.

Thank you.

8 REPLIES 8

junjishimazaki
Valued Contributor

I would boot to recovery mode, select Forget All Password-->Enter the FIlevault Key that you got from Jamf for that Mac. Select the account you want to reset the password. Enter the new password. Once done, click next. It should take you back to the recovery window. Then reboot

JustDeWon
Contributor III

^^

user-kUBTUwQZas
New Contributor II

@junjishimazaki Hey, thanks for the suggestion. But I am not really sure I exactly follow you here as I could not find the option to Forget Password in the disk utility anywhere. It would be helpful if you can also share some additional steps to find the same.

Thank you.

Jason33
Contributor III

Did you erase the drive, or just re-install a copy of macOS? As suggested above, if you boot to Recovery and you are prompted to enter the Recovery Key (which you dont have), you can click the Apple icon in the menu bar and select Erase Drive. That will erase the drive and you'll need to boot to Recovery again to install a clean macOS to the machine.

user-kUBTUwQZas
New Contributor II

I did erase the drive completely, reinstalled the OS, and later after creating a fresh profile, on every restart it prompts for an initial password to unlock the disk. The FileVault is off presently.

junjishimazaki
Valued Contributor

You keep stating you get a prompt for a password to unlock the disk which to me indicates that the drive is FileVault enabled. Otherwise, a normal login screen will log in with the profile not unlock the disk. If you are certain the FIlveVault is not enabled, reboot to recovery mode, open terminal and type resetpassword. Then select the account you want to reset, enter the new password, reboot, and see if you can login.

user-kUBTUwQZas
New Contributor II

Yes @junjishimazaki , you got me right now. initially, the FileVault was enabled and this time, on a fresh account I wish to avoid that prompt. If you have additional instructions to avoid this happening on other devices then it will be of great help to me.

Thank you.

junjishimazaki
Valued Contributor

I would start by looking at your Jamf instance on how FilveVault is deployed whether it's by a configuration profile or a policy. If by a policy look at the trigger event and scope. Filevault just doesn't get enabled automatically. Either you enable it manually or it's eanbled by a MDM like Jamf.