Posted on 12-13-2017 12:46 PM
I finally have time now to continue testing with 10.13 in our environment and have been running into some issues with adding an admin to FileVault and performing an authenticated restart. The console and policy logs show that the account gets created but then fails when it tries to add that account to FileVault.
I have a script in place that will get the password for the account created during setup then use that to give our management account a secure token. I then use that account to issue a secure token to the user's FileVault account. This account is created via a script and dscl then uses the command line to get a secure token and a plist to then add it to FileVault. This process works every time, but I can't seem to get the account that gets created via the policy to work. I've also come across the issue where the Authenticated Restart command fails and it gets stuck in a loop where it just keeps trying the command but fails each time.
Anyone else run into a similar issue or have any articles they can point me to?