Posted on 06-16-2022 04:37 PM
I have an ongoing policy set to run FileVault encryption on unencrypted devices.
But the status won't reflect the change until an inventory update.
Wondering if there is a way to trigger the inventory update right after the full encryption is completed (after reboot).
Posted on 06-16-2022 05:46 PM
Create a script or use the Files and Processes area in the policy and add:
sudo jamf recon
I recommend using the script option; that way you can use it for other policies later on if needed.
Posted on 06-17-2022 04:21 AM
If you're looking for something to run almost immediately after encryption finishes, you're probably going to need to use a custom LaunchDaemon and script written locally to the device. You could create both items and load the launch daemon as part of the policy, with the daemon running the script every 5 minutes or so. The script itself could just be set to check for FileVault status, exiting if not completed, or running recon and self-destructing both daemon and script when completed. If you're already running a daily inventory it might be a bit overkill. Is there a particular action you're trying to use after the process completes?
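A sketch of the check-and-self-remove script described in the post above, added here as an example and not part of the original post. The label, plist path and script path are hypothetical, and the `fdesetup status` strings it matches are assumptions about that tool's wording.

```shell
#!/bin/sh
# Added example. LABEL, PLIST and SELF are hypothetical names; the plist is
# assumed to run "$SELF --run" with StartInterval 300 (every 5 minutes).
LABEL="com.example.fvrecon"
PLIST="/Library/LaunchDaemons/${LABEL}.plist"
SELF="/Library/Scripts/fv_recon.sh"
JAMF="/usr/local/bin/jamf"

# Classify `fdesetup status` text as: complete | in_progress | off.
# The matched strings are assumptions about fdesetup's wording.
fv_state() {
    case "$1" in
        *"in progress"*)      echo in_progress ;;  # encrypting or decrypting
        *"FileVault is On."*) echo complete ;;
        *)                    echo off ;;          # off, deferred, or unreadable
    esac
}

# Constructed sample outputs, used to check the classifier offline.
selftest() {
    busy=$(printf 'FileVault is On.\nEncryption in progress: Percent completed = 42')
    [ "$(fv_state 'FileVault is On.')" = complete ] &&
    [ "$(fv_state "$busy")" = in_progress ] &&
    [ "$(fv_state 'FileVault is Off.')" = off ]
}

main() {
    state=$(fv_state "$(/usr/bin/fdesetup status 2>/dev/null)")
    # Not finished yet: exit quietly and let launchd call us again.
    [ "$state" = complete ] || return 0
    # If recon fails, keep the daemon in place so the next run retries.
    "$JAMF" recon || return 1
    # Remove the files first; bootout stops this job, so it must come last.
    rm -f "$PLIST" "$SELF"
    /bin/launchctl bootout "system/${LABEL}"
}

case "${1:-}" in
    --run)      main ;;
    --selftest) selftest && echo "classifier ok" ;;
esac
```

Because launchd runs this as root, install the plist and the script owned by root:wheel and not writable by other users, so a standard user cannot change what the daemon executes.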
Posted on 06-17-2022 06:34 AM
Is there a reason why you can't use the Maintenance section in the policy to turn on the payload to update inventory? I do this with all of my app install policies, and I have done it with my FileVault policy. When the inventory updates, it will show that FileVault is active even if the encryption status is not yet encrypted.