Jamf Nation Community

VitorCostaUK · ‎09-05-2019

Is there a way to allow a FV approved user to unlock the disk but NOT automatically log them in using their AD Credentials?

the reason I ask is because i have some of our MBP configured so that the login credentials supplied at login page are used to initiate the wireless connection and THEN sign them in with their AD credentials , however FV just logs them in and therefore they are not connected to the wireless and then have to initiate the connection or else they have to then log out and sign in to connect the wireless then the AD logon.

how can i get the users to unlock the disk but NOT log them into the OS ?

jason_bracy · ‎09-05-2019

Create a Script with this command:

sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES

Then have a Policy that runs that script once per computer.

View solution in original post

jason_bracy · ‎09-05-2019

Create a Script with this command:

sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES

Then have a Policy that runs that script once per computer.

bmee · ‎09-05-2019

follow and save for later

jmahlman · ‎09-17-2019

Fixed it for us!

ayounus20 · ‎05-28-2020

anyone figure out how to do this via a config profile?

ericbenfer · ‎05-28-2020

Create Use a custom configuration profile.

com.apple.loginwindow.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>DisableFDEAutoLogin</key>
    <true/>
</dict>
</plist>

Jamf Nation Community

FV and Stop Auto Login