Posted on 12-01-2014 01:03 PM
I'm in early stages of testing FV2 deployment, with little experience to fall back on. The first several were as expected; deploy config, logout, enablement/password prompt, reboot to pre-boot auth screen, login and encryption began. Cool, pats-on-back!
Now I've got one that FV2 does not enable, and I'm always returned to the normal username/password login screen. Running fdesetup status confirms FileVault is Off, and that deferred enablement is active for the desired user.
What gives? Why didn't it automatically enable. Now the user did tell me that they manually encrypted and then decrypted this drive a few weeks ago.
Posted on 12-01-2014 01:09 PM
Is the recovery partition in place and working?
Posted on 12-01-2014 01:53 PM
yes, diskutil list shows a Recover HD present. Working, beats me!
Posted on 12-01-2014 02:12 PM
I had problems with that when testing out fv2 ages ago and always happened when decrypting and encrypting. Never got to the bottom of it.
Wanted to automatically encrypt the partition if the user decrypted it
Posted on 12-01-2014 02:41 PM
I've seen similarly odd behavior sometimes with fdesetup. After the first execution of it you run the risk of straight-up failures. For example, I can set a specific user as "deferred" but there is a very good chance that I can't revoke that or change it to a different user. It's supposed to work and there are no errors thrown, but it simply doesn't.