Posted on 03-21-2024 12:59 PM
Hey everyone,
We are currently testing Jamf Connect and one of the issues we are facing is that we see the FileVault login screen. This has not happened to us before just started recently.
Our Jamf rep has told us that this is expected behavior, Is there a way we can bypass that login screen entirely and still have the device encrypted?
If it is possible can I please know the steps so I can do them.
Posted on 03-21-2024 01:37 PM
from off / power on you will aways see the FileVault login. The Mac is in 'pre-boot' and once authenticated will proceed to boot the system. You will see the JAMF Connect login at when the device is logged out.
This is how it works.
Posted on 03-21-2024 01:39 PM
Hmmm alright, the only thing i am confused about is that my test mac is encrypted and so far I have not seen the filevault login screen yet. If I wipe the device and set it up again it will appear. But at this moment I do not see it. And is there anything we can do to bypass that login screen?
Posted on 03-21-2024 01:46 PM
if you shut down your Mac.. the login screen will be FileVault, which will take you to the desktop (bypassing JAMF Connect)
if you then log out, you will get the JAMF Connect login.
If you power on and see JAMF connect, then something is not setup correctly.
03-22-2024 07:54 AM - edited 03-22-2024 07:56 AM
No, unlike something like BitLocker which has various decryption methods (like decrypting on boot, or network-based proximity decryption), if FileVault is on, you need to enter a pin to decrypt the drive. There is the caveat that the macOS boot volume is always encrypted, but not protected without FileVault enabled; think of having the best lock on your front door but never locking it.