Hi Folks,
I want to share some Information with you about an Error we got with the Activation of FileVault 2 in our environment.
Baseinfos:
JSS 8.62
Baseimage 10.8.2 created with instadmg; Default settings + Language DE
Configuration in Casper Imaging:
Baseimage
- After Reboot:
o Packages like Office 2011, Firefox, Settings and so on. Not very special
o customized First-Boot-Script based on the Script from Rich Trouton (Thx a lot, great work Rich)
o some other, not important scripts like AD-Binding, Flush Policy and so on
Ok, we use the Config since 4 Month for Imaging without any Problems. 2 Month ago we started to look at FileVault 2 with Casper. We created the Encryption Config and the Policy based on the JAMFsoftware Whitepapers. But instead of encrypting the client we get the Error “FileVault is off”. No other Informations.
After a lot of Tests and some Mails with JAMF, we found the following Solution:
From the First-Boot-Script of Rich we take the Step to disable Login for root (dscl . –create /Users/root UserShell /usr/bin/false) to our Script.
After disabling the Setting, it’s now possible to activate FileVault with a Casper-Policy. On old Clients which are already in production it’s ok to send dscl . –update /Users/root UserShell /usr/bin/false /bin/bash with Casper Remote.
I hope it help one or another in their environment.
Sorry for the English but I’m working on it ?
Thorsten
