Posted on 04-08-2019 09:47 AM
I'm starting to encounter brand new Mojave installs that, when trying to apply a configuration profile to enable filevault and escrow the key, says something to the effect of the configuration profile not being compatible with this version of macOS . The profile is still working on other macOS versions up to High Sierra. Is there something different that needs to be done to get Mojave to work? Running JSS 10.9.
Thanks!
Posted on 04-08-2019 09:51 AM
By chance do you have the FileVault Recovery Key Redirection payload also bundled in that same profile along with the Security & Privacy payload? Mojave doesn't want that Recovery Key Redirection payload. High Sierra was perfectly happy ignoring that payload, but Mojave has a tantrum. (The FileVault Recovery Key Redirection payload is only needed for macOS 10.12.x and below)
Posted on 04-08-2019 09:57 AM
I would update Jamf to at the very least 10.7.1 - there are some funny filevault issues that have occured. However, you should get up to Jamf 10.9
Posted on 04-08-2019 10:58 AM
It's absolutely because of the standalone redirection payload, the one that is its own category. You want the one that's part of Security & Privacy.
Posted on 04-09-2019 11:36 AM
In our case, we had the same problem with clean High Sierra installs (i.e. not upgraded post-FV application); we ended up creating 2 "baseline" security Profiles; one for Sierra and below, and another for High Sierra and above, with the 2 different payloads being the key distinguishing feature.