Help

Filevault2 / Network Account High Sierra

lrabotteau
New Contributor III

Posted on ‎02-19-2018 12:35 AM

Hello ,

I'm looking for a solution for the Filevault 2 Sync Password with AD users accounts.

Actually all my MBA are with AD users account installed.

My issue is when the users change their password (every 30 days) , it's not change for the FileVault.

Sometimes one users as not be connected to this Mac during 30-40 days , and when is back , he don't know the old password for FileVault , and we have delete keychain / reset and can't use the new password enter during Reset. We have to open the admin local just for unlock Filevault.

we have this issue only with High Sierra , I've try to add manually with CLI "fdesetup" but same issue

If someone got a solution for this.

Labels:
0 Kudos
2 REPLIES 2

steve_summers
Contributor III

Posted on ‎02-19-2018 06:45 AM

You should look into using NoMAD, the free AD Password synch tool. Not a sales pitch here, but we use it because it synchs the local and AD password, so when a customer changes their network password, their local password (FileVault) changes. It can be configured to synch the password if it's out of synch from the start.

https://nomad.menu

There also is a tool from Apple called Enterprise Connect. Does the same thing that NoMAD does. It's not free, however.

Hope that helps.

0 Kudos

donmontalvo
Esteemed Contributor III

Posted on ‎02-19-2018 08:28 AM

Mobile account passwords are sync'd to FileVault 2 on graceful logout after change...no?

--
https://donmontalvo.com
0 Kudos