Profile-based FileVault encryption not working on MacOS Catalina

Hannes_CD
Comes here often

Profile-based FileVault encryption not working on MacOS Catalina

When trying to enable FileVault by profile, when shutting down the client, we get a prompt, asking for the device credentials in order to enable FileVault, but the device just shuts down/restarts without actually encrypting the hard drive.

JAMF is facing the same issue, but their profile configuration allows either encryption on startup or shutdown. The startup option seems to work.

 

Please implement an option to choose if the encryption should take place on startup or shutdown to cope with one of many bugs in Apples latest OS.

3 REPLIES 3
Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)

Hi Hannes_CD, 

 

Can I trouble you to open a support ticket and then, once you have done that, post the case ID in this thread?

 

Thank you,

 

Noah Salzman

Product Manager for Meraki SM

Hi Noah,

 

the case ID is 04590821.

schalabi
Meraki Employee
Meraki Employee

The issue is Apple has changed the way the Filevault payload is installed on Catalina. 

 

Under Systems Manager > Manage > Settings > (select your profile name) > Filevault

 

Enable the following:

 

CHECK Defer encryption until after reboot

CHECK Defer enabling until logout

0 Maximum number of times users can bypass

 

Make sure you check your device into dashboard to pull down the new profile configuration settings then give your device a power cycle.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels