Help

10.14.2 and FileVault

jgonitzke
New Contributor

Posted on ‎01-08-2019 01:52 PM

I have not been successful at getting 10.14.2 to encrypt with filevault. I followed this HERE and it works with High Sierra and older. I have configured a smart computer group to show what computers are not eligible for filevault and the Mojave machines show in there. Why would that be? Yes the Mojave machines have the recovery partition. Has anyone seen this before? Also just got a brand new Macbook Pro that has Mojave on it out of the box and JAMF says that it is not eligible for filevault. Thanks9b6556496a5c4b8fa2e85d45eb47d8ac

0 Kudos
1 REPLY 1

bwiessner
Contributor II

Posted on ‎01-09-2019 06:38 AM

Depending on how you have had it setup - everything changes with APFS and Secure Tokens - before the computer can be filevault enabled or a user added to the filevault user list that user has to have a secure token.

In a nut shell - the first user that logs into a APFS machine gets a secure token - then only that user is allowed to give out additional secure tokens to other users - read up on a few articles here -

https://derflounder.wordpress.com/2018/01/20/secure-token-and-filevault-on-apple-file-system/
https://www.jamf.com/jamf-nation/feature-requests/6756/securetoken-management-high-sierra-and-higher
https://apple.stackexchange.com/questions/313366/what-is-a-secure-token-and-how-do-i-get-an-admin-users-that-has-one