FileVault2 not starting by JAMF policy on 10.14 newly imaged mac

MACHOUSTON
New Contributor III

i'm using an established policy with JAMF PRO 10.7.1.
i just imaged this Mac mini MOJAVE 10.14 all config and policy are applying excepted FILEVAULT2 using an individual Key stored by JAMF
c131e741865b418fb662f4a01a88ec19
1de6630d20cb4333b0ee0a0616370bbb
Did anyone encounter that error?

1 ACCEPTED SOLUTION

Kaltsas
Contributor III

You need to scope your redirection profile for 10.12 and older and create a new profile to escrow the key in 10.13 and higher. The 10.13 and higher function is located Under Security & Privacy ¬ FileVault using Jamf's built in profiles.

View solution in original post

7 REPLIES 7

MACHOUSTON
New Contributor III

i also Got error Unknown 76 on the policy failed .

wmehilos
Contributor

Do you have any configuration profiles installed on that Mac with the top level "FileVault Recovery Key Redirection" payload enabled? That won't work on anything past 10.12.

Can you do a defaults read on the com.apple.FDERecovery plist?

MACHOUSTON
New Contributor III

yes i do have a FileVault Recovery Key Redirection" payload enabled and yes its redirecting the key to my MDM.

Kaltsas
Contributor III

You need to scope your redirection profile for 10.12 and older and create a new profile to escrow the key in 10.13 and higher. The 10.13 and higher function is located Under Security & Privacy ¬ FileVault using Jamf's built in profiles.

MACHOUSTON
New Contributor III

THANKS, is there a some doc i can read more on?

gachowski
Valued Contributor II

@MACHOUSTON

It's not on the 1st page but here is the non-Apple expert..

https://derflounder.wordpress.com

He has a post about it in detail, you just have to hunt for it...

C

danny_hanes
Contributor