How to enable existing local account for FileVault 2?

AUng
New Contributor

We have 100+ Mac devices on Big Sur in our environment and would like to enable a specific local "IT Admin" account for FV2, so that the account is selectable upon booting the device. I'm aware of creating a new local account via policy and enabling the user through the radio button, but the message displays "Beginning with macOS 10.13, you cannot use this method to enable a user for FileVault."

Is there another way to go about enabling an account for FV2?


lrabotteau
New Contributor III

Hello @AUng, have you tried to create a user without using JAMF Policy but using the Files and Processes payload with the CLI to create a user, like
sysadminctl .. ?
The created user directly got the SecureToken and can "Enable user for FileVault 2".

I'm using it on PROD and it works perfectly.
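
For an account that already exists, as in the question, the following added example (not part of either post) checks SecureToken and FileVault status and grants what is missing. It assumes a root terminal session and an admin account that already holds a SecureToken; the function names and the `--run` argument convention are this example's own.

```shell
#!/bin/sh
# Added example: audit and enable an existing local account for FileVault.
# Function names and the --run convention are hypothetical, not Jamf's or Apple's.

# Returns 0 if the account holds a SecureToken.
# sysadminctl reports the status on stderr, so merge it into stdout.
has_secure_token() {
    sysadminctl -secureTokenStatus "$1" 2>&1 | grep -q "Secure token is ENABLED"
}

# Returns 0 if the account is listed as a FileVault-enabled user.
# "fdesetup list" prints one "shortname,UUID" line per user (needs root).
is_filevault_user() {
    fdesetup list 2>/dev/null | cut -d, -f1 | grep -Fqx "$1"
}

# Prints one of: ready, token-only, needs-token
account_state() {
    if has_secure_token "$1"; then
        if is_filevault_user "$1"; then echo "ready"; else echo "token-only"; fi
    else
        echo "needs-token"
    fi
}

# $1 = account to enable, $2 = admin that already holds a SecureToken
enable_account() {
    account=$1
    admin=$2
    # Only a SecureToken holder can grant a token to another account.
    has_secure_token "$admin" || { echo "$admin has no SecureToken" >&2; return 1; }
    case $(account_state "$account") in
        ready) echo "$account is already FileVault-enabled" ;;
        token-only) fdesetup add -usertoadd "$account" ;;
        needs-token)
            # "-" makes sysadminctl prompt, keeping passwords out of argv and logs.
            sysadminctl -secureTokenOn "$account" -password - \
                -adminUser "$admin" -adminPassword - || return 1
            [ "$(account_state "$account")" = "ready" ] || fdesetup add -usertoadd "$account"
            ;;
    esac
}

# Run only when invoked as: sudo sh <script> --run <account> <admin>
if [ "${1:-}" = "--run" ]; then
    enable_account "$2" "$3"
fi
```

The password prompts need an interactive session, so this form suits a hands-on check on one Mac rather than an unattended policy run.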