Skip to main content
Question

Moajve configuration profile - filevault cannot be applied?


Forum|alt.badge.img+7

I'm starting to encounter brand new Mojave installs that, when trying to apply a configuration profile to enable filevault and escrow the key, says something to the effect of the configuration profile not being compatible with this version of macOS . The profile is still working on other macOS versions up to High Sierra. Is there something different that needs to be done to get Mojave to work? Running JSS 10.9.

Thanks!

4 replies

Forum|alt.badge.img+9
  • New Contributor
  • 60 replies
  • April 8, 2019

By chance do you have the FileVault Recovery Key Redirection payload also bundled in that same profile along with the Security & Privacy payload? Mojave doesn't want that Recovery Key Redirection payload. High Sierra was perfectly happy ignoring that payload, but Mojave has a tantrum. (The FileVault Recovery Key Redirection payload is only needed for macOS 10.12.x and below)


Hugonaut
Forum|alt.badge.img+15
  • Esteemed Contributor
  • 574 replies
  • April 8, 2019

I would update Jamf to at the very least 10.7.1 - there are some funny filevault issues that have occured. However, you should get up to Jamf 10.9


Forum|alt.badge.img+17
  • Contributor
  • 881 replies
  • April 8, 2019

It's absolutely because of the standalone redirection payload, the one that is its own category. You want the one that's part of Security & Privacy.


Forum|alt.badge.img+6
  • Contributor
  • 103 replies
  • April 9, 2019

In our case, we had the same problem with clean High Sierra installs (i.e. not upgraded post-FV application); we ended up creating 2 "baseline" security Profiles; one for Sierra and below, and another for High Sierra and above, with the 2 different payloads being the key distinguishing feature.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings