For our environment we followed some best practice guidance from JAMF. You can certainly run FileVault with Connect with no problems, but you do need the correct setting combos for this to work best. Upload the following PLIST file using the Custom Settings payload in your MDM solution.

In today’s mobile work and education environments, a crucial. This setting forces network authentication to occur on computers with the Jamf Connect login window already enabled, which prevents the Jamf Connect login window from being bypassed by FileVault.

Reading between the lines, I am gathering that FV is not currently being turned on from a configuration profile? Using a separate config profile to turn on FileVault and escrowing it is the JAMF recommended deployment method. To help you figure out the best practices for your organization, our webinar, How to Manage FileVault with Jamf, offers expert guidance on how to access the full potential of remote management of FileVault.

This diagram from JAMF explains the behaviour:

Are we ready for macOS Big Sur? We will for sure. But in my opinion we should first ensure we are fully up to speed with understanding how FileVault.

I've experimented with both a Configuration Profile, assigned to the PreStage Enrollment, and with a Policy, and both have rough edges that I'm not sure how to smooth out.

I will mention that you can reset the JAMF Connect login window by running this: `/usr/local/bin/authchanger -reset -jamfconnect`

My goal is to have all of the Macs have FileVault 2 enabled, with the individual encryption recovery keys redirected to the Jamf server. This deployment mode would typically be what you would want for a one-to-one user deployment.

The way it works: once the first FileVault-enabled user logs in, from then on the Connect window will not show and it will rely on FileVault authentication to proceed. If set to true, FileVault will be enabled for the first user that logs in to a computer. This would be expected behaviour if your Connect payload has the FDE setting enabled.