Skip to main content
Jamf Nation, hosted by Jamf, is the largest Apple IT management community in the world. Dialog with your fellow IT professionals, gain insight about Apple device deployments, share best practices and bounce ideas off each other. Join the conversation.

FileVault2 Enabled Users High Sierra

The last few High Sierra machines we have deployed I have noticed that after setting up Encryption and its completion, on the Filevault window it says Some Users are not able to unlock the disk. When I click on Enable users and login as the AD/Mobile User I get the check mark like all is good but after I reboot they are not enabled again. I have even tried to manually provide them with a SecureToken using the sysadminctl commands and after reboot same thing. Is there something wrong or what are the affects of a user not being enabled to unlock the drive?

Like Comment
Order by:
SOLVED Posted: by dgreening

Make sure to run "diskutil apfs updatePreboot /" after adding users (we do this programmatically post sysadminctl user add).

SOLVED Posted: by bruth85

Whats odd is I would expect if the user is truly not able to unlock the disk it should ask for a disk password correct? The user can login as normal and you can watch the progress bar run its course and get into the users desktop.