Posted on 06-08-2020 05:20 PM
We're moving to Jamf Connect from AD. In the past we've had issues with Filevault and password syncing. To solve this we created a local account that was filevault enabled. This way we can get back in, remove the affected user from being filevault enabled, and add them back as a filevault enabled user.
Is it still necessary to have an account like this with Jamf Connect? Do these Filevault sync issues still exist with local accounts using Jamf connect? The only other use for this account would be for decryption and maybe data recovery when the user leaves. If I have the recovery key then that doesn't matter anyways, right?
Posted on 11-24-2020 10:35 AM
We have account like this. I do not know if it is necessary, but it is helpful. For whatever reason, accounts become out of sync with FileVault; usually it is because the user changes their password outside of the Jamf Connect utility. Having another account to fix this is a good thing.