Hi,
Does anyone know if its possible to deploy a secondary admin account that has FileVault enabled through a script? It looks like it was retired in Jamf with macOS 10.3. The only way I see right now is to enable the account from the primary admin account that has FileVault enabled.
Any suggestions on a work around is appreciated.
Thanks in Advance!
As long as you credentials for the accounts, it should be possible. I would start with Rich's write up
As long as you credentials for the accounts, it should be possible. I would start with Rich's write up
Thanks! I'll take a look
If you know the login/password for the first admin account with FileVault Token, then you should be able to remotely send a dscl command with that to create another one.
If you are on Monterey, then you can create another admin account remotely, but only AFTER logging in on the mac itself (so not via SSH or remote commands) then it should get the FileVault Token automatically.
If you know the login/password for the first admin account with FileVault Token, then you should be able to remotely send a dscl command with that to create another one.
If you are on Monterey, then you can create another admin account remotely, but only AFTER logging in on the mac itself (so not via SSH or remote commands) then it should get the FileVault Token automatically.
Im trying to do zero touch deployment so the end user would be the first admin account to be filevault enabled and I wouldn't have their password. Trying to see if I can have a secondary admin account enabled via self-service that prompts them for their password to add the secondary account
<remove me>
Im trying to do zero touch deployment so the end user would be the first admin account to be filevault enabled and I wouldn't have their password. Trying to see if I can have a secondary admin account enabled via self-service that prompts them for their password to add the secondary account
I think this might help:
https://github.com/jamf/FileVault2_Scripts/blob/master/addCurrentUser.sh
However if the first user already is admin, then he/she could just easily manually create a new (admin) account via Users & Groups. That account then will automatically have the FileVault Token.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.