Help

Need to create a smart group: Find computers that don't have the local admin FV2 Enabled

woodsb
Contributor

Posted on ‎09-19-2018 04:38 PM

Hello does anyone know how to create a smart group that finds machines that don't have the local admin enabled for FV2? I need to grant secure tokens to these machines through self service.

0 Kudos
3 REPLIES 3

donmontalvo
Esteemed Contributor III

Posted on ‎09-19-2018 04:47 PM

Do you mean Local Admin Account or your Management Account?

--
https://donmontalvo.com
0 Kudos

woodsb
Contributor

Posted on ‎09-20-2018 10:59 AM

@donmontalvo We use local admin accounts to support users.

0 Kudos

mpuyet
New Contributor II

Posted on ‎09-20-2018 03:27 PM

If you've the same local admin on all your Mac, or just few different admin member account, you can use the native criteria SmartGroup "FileVault 2 User".

If you don't know all local admin, it's possible to create a Extension Attribute linked to a script getting admin group members names and return a YES/NO after check if one of all local admin is used in FV2

0 Kudos