Jamf Nation Community

hulsebus · ‎04-08-2019

I'm starting to encounter brand new Mojave installs that, when trying to apply a configuration profile to enable filevault and escrow the key, says something to the effect of the configuration profile not being compatible with this version of macOS . The profile is still working on other macOS versions up to High Sierra. Is there something different that needs to be done to get Mojave to work? Running JSS 10.9.

Thanks!

Sichas · ‎04-08-2019

By chance do you have the FileVault Recovery Key Redirection payload also bundled in that same profile along with the Security & Privacy payload? Mojave doesn't want that Recovery Key Redirection payload. High Sierra was perfectly happy ignoring that payload, but Mojave has a tantrum. (The FileVault Recovery Key Redirection payload is only needed for macOS 10.12.x and below)

Hugonaut · ‎04-08-2019

I would update Jamf to at the very least 10.7.1 - there are some funny filevault issues that have occured. However, you should get up to Jamf 10.9

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman

alexjdale · ‎04-08-2019

It's absolutely because of the standalone redirection payload, the one that is its own category. You want the one that's part of Security & Privacy.

KSchroeder · ‎04-09-2019

In our case, we had the same problem with clean High Sierra installs (i.e. not upgraded post-FV application); we ended up creating 2 "baseline" security Profiles; one for Sierra and below, and another for High Sierra and above, with the 2 different payloads being the key distinguishing feature.

Moajve configuration profile - filevault cannot be applied?