FileVault2 system meet requirements?

krichterjr
Contributor

Does anyone already have an EA or script that tells you if a system meets all the requirements for FileVault 2? Something that checks OS version, confirms there is a Recovery HD, checks for FileVault 1, etc.

No use reinventing the wheel if there is something else out there. If not, I'll start putting something together : )

3 REPLIES

krichterjr
Contributor

So I've pieced together a script to tell me if the computer meets the qualifications for FileVault 2 and thought I would share. I'm no pro so if you see something I missed please feel free to share.

#!/bin/bash

# First let's check the OS version.
# Split on the dots so that 10.10 and later are compared as numbers.
OSversionfull=`sw_vers -productVersion`
OSmajor=`echo "$OSversionfull" | cut -d. -f1`
OSminor=`echo "$OSversionfull" | cut -d. -f2`

if [[ $OSmajor -lt 10 ]] || [[ $OSmajor -eq 10 && $OSminor -lt 7 ]]; then
    echo "<result>FileVault 2 Encryption Not Available For This Version Of Mac OS X</result>"
    exit 0
fi

# Now let's check to see if there is the required Recovery HD.
# This does not check to see if this Recovery HD is good.
Recovery=`diskutil list | grep "Apple_Boot Recovery HD"`

if [[ -z "$Recovery" ]]; then
    echo "<result>FileVault 2 Encryption Not Available Without Recovery HD</result>"
    exit 0
fi

# Last let's check to see if the User was using FileVault 1.
# "User" is the account with the most console logins.
User=`last | grep console | cut -f 1 -d ' ' | sort | uniq -c | sort -nr | head -1 | awk '{print $2}'`
FV1=`dscl . -read /Users/"$User" | grep sparsebundle | awk '{print $1}'`

if [ "$FV1" == "HomeDirectory:" ]; then
    echo "<result>An Earlier Version of FileVault Exists</result>"
    exit 0
fi

echo "<result>Ready for FileVault 2</result>"

mm2270
Legendary Contributor III

Looks good for the most part, though the command to pull the "User" seems a bit more complicated than it needs to be to me, and in some cases may give you bad results. You might be better off looping through all local account home directories above UID 500 and looking for the sparsebundle file in each one with the dscl command.

Also, for the future, you don't need to grep for "console" with the last command. You can specify the tty you want to filter for with -t:

last -t console

will display all console logins from last, ignoring any Terminal (ttys) logins.
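
The per-account loop suggested in the reply above, sketched as an added example that is not part of either poster's script. The function names and the result strings are made up for illustration; it assumes `dscl . -list /Users UniqueID` prints one "name uid" pair per line and that a FileVault 1 account carries a HomeDirectory attribute naming its sparsebundle, which is what the original script greps for.

```bash
#!/bin/bash
# Added example: check every local account above UID 500 for a
# FileVault 1 sparsebundle instead of guessing one "main" user.

# Print the short name of each local account whose UID is above 500.
local_users() {
    dscl . -list /Users UniqueID | awk '$2 > 500 {print $1}'
}

# Succeed if the account's HomeDirectory attribute mentions a sparsebundle.
# Accounts without the attribute produce no match and fall through.
has_fv1_home() {
    dscl . -read "/Users/$1" HomeDirectory 2>/dev/null | grep -q sparsebundle
}

# Print the accounts that still use a FileVault 1 home, one per line.
fv1_users() {
    for fv1_candidate in $(local_users); do
        if has_fv1_home "$fv1_candidate"; then
            echo "$fv1_candidate"
        fi
    done
}

# Build an extension-attribute style result line (wording is hypothetical).
fv1_result() {
    fv1_found=$(fv1_users | tr '\n' ' ')
    if [ -n "$fv1_found" ]; then
        echo "<result>An Earlier Version of FileVault Exists: ${fv1_found% }</result>"
    else
        echo "<result>No FileVault 1 Home Directories Found</result>"
    fi
}

# Only report when dscl is present, i.e. when run on a Mac.
if command -v dscl >/dev/null 2>&1; then
    fv1_result
fi
```

Listing every affected account in the result shows which home directories would need attention, rather than only the most frequent console user.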

krichterjr
Contributor

Thanks Mike for the suggestions.