- Jamf Nation Community
- Products
- Jamf Pro
- Re: #JNUC : Managing FileVault 2 on OS X Mountain ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
#JNUC : Managing FileVault 2 on OS X Mountain Lion with the Casper Suite
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-19-2012 07:08 AM
Rich Trouton will be presenting this session on Tuesday, Oct 23 at 10:45am. Wurtle Thrust Stage (level 4)
For everyone who will be in the audience (and everyone who would like to but can't make it), let's use this thread to collect thoughts/ideas/links/questions. Rich will also be hosting an overtime session later that afternoon to answer questions that he couldn't get to in the main session. (Nelson Classroom, level 8, 3:30 - 4:30pm)
I'll kick it off with some helpful links (lifted shamelessly from Rich's presentation):
Apple Best Practices for Deploying FileVault 2 - http://training.apple.com/osx
Administering FileVault 2 on OS X Mountain Lion with the Casper Suite - http://www.jamfsoftware.com/resources/white-papers
Using fdesetup with Mountain Lion’s FileVault 2 - http://derflounder.wordpress.com/2012/07/25/using-fdesetup-with-mountain-lions-filevault-2/
Embedding certificate data into a fdesetup plist file - http://derflounder.wordpress.com/2012/08/22/embedding-certificate-data-into-a-fdesetup-plist-file/
Encrypting Volumes in OS X Mountain Lion - http://krypted.com/mac-os-x/encrypting-os-x-mountain-lion/
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-23-2012 09:43 AM
Appreciate the repostable screen flows here Rich.
Curious on common scripts or remote commands you've found needed after setting up FV2 on your machines. Are there specific gotchas you've found or things to look our for? Overview of leveraging self service a great start.
Looking at options between FV2 through Casper vs Credent, which we understand may be able or manage FV2 itself as well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-23-2012 12:33 PM
Cliff,
The most common gotchas I've run into are the following:
- FileVault 2 won't enable - Usually this means that the Recovery HD partition isn't there, though there may be other OS or CoreStorage-related problems that are preventing FV 2 from turning on. In general, if FV 2 doesn't turn on, check for the the following:
A. Is the Recovery HD partition present?
B. Is the boot drive part of a software RAID? (FV 2 won't enable on a RAID if it can detect it.)
C. Are there other OS problems (freezing, kernal panics, etc.) happening on this Mac?
- Incorrect understanding of how fdesetup's options work - I tried to call out this most common misunderstandings during my talk, but here's the ones I've encountered most often:
A. Can you use fdesetup's defer option to add multiple accounts, or add accounts following encryption?
The defer option enables one single user account at the time of turning on FileVault 2 encryption. The defer option does not enable multiple user accounts and cannot be used to enable accounts once FileVault 2 encryption has been turned on.
B. Can I use fdesetup sync to add accounts?
No, the sync command does not allow accounts to be added from a directory service.
fdesetup sync's main use currently is to automate the disabling of FileVault 2-enabled accounts by checking the directory service to see which accounts have been removed.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-23-2012 12:34 PM
For those who wanted a copy of my FileVault 2 slides, here are links to the slides in PDF and Keynote format.
PDF: http://tinyurl.com/jnuc2012fv2PDF
Keynote slides: http://tinyurl.com/jnuc2012fv2keynote
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2012 06:26 AM
Is there any way to see video of the demo pieces of this session?! I find myself desperately wishing I was there to see some of the 'actuals'. Thanks for taking time to work all this up!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2012 06:40 AM
vwebb,
The Keynote slides include the demos as embedded movie files, so you can download the slides and watch them.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2012 08:44 AM
Thanks Rich! I was looking via Preview, not Keynote. After using Keynote to open I'm able to see the videos with no problem, but there is no audio during them for me. Am I doing something else wrong? :)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2012 08:53 AM
vwebb,
You're doing it right. The demo movies themselves don't have a soundtrack. If you want what I'm saying during the demos, that will need to wait until JAMF posts the session video.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-04-2012 07:44 AM
The full video of Rich's presentation is online: http://www.jamfsoftware.com/news/2012/11/30/video-managing-filevault-2-on-os-x-mountain-lion-with-th...
