Posted on 08-01-2018 02:23 AM
I have a 10.13.6 fresh build mac with an local admin account created by macOS setup Assistant it has a secureToken, but then i bind the machine to our AD which has the setting enabled for mobile accounts, then login as a AD user and get the prompt Enter a secureToken Administrators name and password to allow this mobile account to use file vault.
You can select bypass but would prefer we dont get this prompt in the first place for non filevaulted machines.
Does anyone know how to suppress this?
thanks
Solved! Go to Solution.
Posted on 08-01-2018 02:42 AM
Take a look at this, works well for us.
Posted on 08-01-2018 05:56 AM
Here are the steps I took. From here download the zip file and pull out the config file from the folder. Upload a new config profile, upload the .comfig file, name config profile, save and deploy. That was it for me. Mine is set to auto install at computer level.
Posted on 08-01-2018 02:42 AM
Take a look at this, works well for us.
Posted on 08-01-2018 03:54 AM
Thanks, However i uploaded this to jamf pro and made a configuration profile of it. Downloaded and installe don a machine and tested.
But i still get the Suppress Enter a secureToken Administrators name and password to allow this mobile account to use file vault. when i login as a cached Managed mobile account. Did you say you have this working on 10.13.6 ?
Or am i doing something wrong here?
Posted on 08-01-2018 05:43 AM
I also use the profile in the link shared by mark.mahabir and it works perfectly on 10.13.6 machines. These are on machines bound to AD and create a mobile account at login.
Posted on 08-01-2018 05:56 AM
Here are the steps I took. From here download the zip file and pull out the config file from the folder. Upload a new config profile, upload the .comfig file, name config profile, save and deploy. That was it for me. Mine is set to auto install at computer level.
Posted on 08-01-2018 06:08 AM
Thanks, i missed the download zip and was copying pasting the xml.
I guess thats where i went wrong, anyway now i have downlaoded the zip its working fine.
very many Thanks
Posted on 08-01-2018 06:12 AM
@markc0 @mark.mahabir @J.Mukite I would encourage you all to vote up this feature request and voice your opinion on jamf implementing this.
macOS supports it. Jamf should too.
Posted on 08-01-2018 06:37 AM
Great stuff, upvoted!
Posted on 08-02-2018 06:26 AM
Thanks @mark.mahabir ,
worked 100% .
Posted on 09-13-2018 11:45 AM
Got the profile set up, and the securetoken message no longer displays when adding a new user, however, now I'm having issues with the user accounts not being able to unlock the volume after a restart, and I cannot enable the user from system preferences.
Anyone else run into this, or know of any workarounds?
Posted on 09-13-2019 06:14 AM
@J.Mukite Once I've pulled the config file out of the zip folder, where do I upload it to? I don't have experience modifying config profiles so if you could point me in the right direction it would be much appreciated.
Posted on 10-09-2019 04:03 PM
Can someone please tell/show how to implement this? I'm still learning how to use Jamf for some of the finer things beyond a basic profile or policy. @J.Mukite perhaps?
Is it just me that this seems like a silly thing to be prompted about when Filevault isn't actually turned on for a drive?
Posted on 08-22-2024 10:42 AM
still works on sonoma. Just reimaged a bunch of m1 laptops from monetary and they are all doing this. The fix does still work.