Posted on 06-04-2021 10:02 AM
Issued a 2015 MacBook Air to a user. Her account is Standard. I created the account in System Preferences, and I'm positive her account is FileVault-enabled. She restarted her machine and the only account available was the Admin account that I used to set up the computer.
This computer was completely erased and Big Sur installed when I set it up for her. It's in our ABM account.
Has anyone else encountered this? Did i neglect something in setting up her mac?
Posted on 06-04-2021 11:13 AM
Sounds like she does not have a Secure Token. If you can log in to the computer try running this command
sysadminctl -secureTokenStatus $user and see if a Secure Token is enabled or disabled for her account.
If not, try using the
sysadminctl -secureTokenOn command. You will need both passwords (local admin & user password).
Posted on 06-04-2021 11:38 AM
I believe after doing what @RBlount suggested, you will also need to update the preboot, with fdesetup add -usertoadd <username>
Posted on 06-07-2021 08:32 AM
Secure Token and Bootstrap Tokens are both enabled for the account. I did get ths, though.
-read /Users/user.name AuthenticationAuthority No such key: AuthenticationAuthority
Thanks for the replies. Will keep trying things.
Posted on 06-07-2021 10:25 AM
Do you see the users account listed if you run fdesetup list in Terminal?
Posted on 06-08-2021 03:39 PM
Unfortunately, I didn't have a chance to run that command. I logged in as admin and recreated their account from scratch and tested everything. They needed a working computer more than I needed an answer to this specific problem. I'm retracing my steps on another computer trying to recreate the problem.
Again, thanks for the help, everyone.
Posted on 06-10-2021 03:37 PM
Figured it out: Filevault hadn't completed its initial encryption when the computer was restarted. Once encryption is complete, all FV enabled accounts show up on restart.