_mbsetupuser and FileVault2 Configuration Profile

cskj
New Contributor II

We're using a Configuration Profile to enable FV2.

The problem is, during the first boot wizard sometimes the _mbsetupuser is the user it chooses for deferred encryption. If we go through the setup wizard and login fast enough (before the profiles are pushed down) then it seems to use the proper created user.

Have any of you encountered this issue or know a decent workaround?

3 REPLIES 3

davidhiggs
Contributor III

might be worth reading:
http://www.johnkitzmiller.com/blog/how-i-deploy-filevault-2/

cskj
New Contributor II

I opened a support ticket with Apple and they have confirmed and replicated the issue.

Hopefully this means they will fix it soonish.

cgiordano
Contributor

Just to play devil's advocate is there as reason you're doing it via Config Profile? You could easily take care of this via Policy. I'm not sure if the _mbsetupuser problem would appear or not, but the testing I've done doesn't seem to run into this issue. You'd also be able to set up a policy to run after that, as well, that would enable the Management Account for FV2.

Just a thought and my two cents :)
Good luck!
Chris