Jamf Nation Community

josaxo · ‎03-11-2014

Hello - In addition to the logged on user account, I would like to also enable our management account with FV2 unlock capabilities. I can successfully automate this process, but I noticed that the management account shows up on the initial FV2 logon screen. Is there a way to remove the management account from the logon screen?

Thanks for any help.

mm2270 · ‎03-11-2014

No there isn't. Although there are ways to enable hidden or sub 501 accounts for FV2, you can't do anything to stop it from showing up at the FileVault 2 pre boot login screen. This is why we don't enable our management account for FileVault.
Speak to Apple about it if you'd like to see that changed. We've requested more than a year and a half ago that they allow us to switch the FV2 login screen to username & password fields instead of List of Users. Why Apple hasn't given us this ability by now is simply beyond my comprehension, other than the knowledge that they sometimes don't care about what we want.

rtrouton · ‎03-11-2014

The reason you aren't currently able to get username and password blanks for the FileVault 2 pre-boot login screen is the same reason that you can't get a username blank for the firmware password. The FileVault 2 pre-boot login screen runs in EFI before the OS comes up, which means the limitations of EFI govern what Apple can provide.

Hopefully Apple can remedy this at some point, but the fact they haven't done this yet doesn't mean they aren't listening or don't care; it's a very tough request to fulfill.

msample · ‎02-20-2015

This is helpful, Rich...thanks.

FV2 - Enable Additional Users - Hide from logon window