FileVaultEnableAdminAccount
FileVault enable your organizational admin account...even on macOS 10.13!
Install / Use
/learn @kc9wwh/FileVaultEnableAdminAccountREADME
FileVault Enable your OrgAdmin Account
FileVault enable your organizational admin account...even on macOS 10.13!
This script was designed to be part of a policy within Jamf Pro to FileVault enable your local admin account on your macOS devices. This script is compatible with SecureToken on macOS 10.13 as well. If the script runs and doesn't find the admin account, it will create it and then FileVault enable it.
Requirements:
- Jamf Pro
- macOS Clients on 10.9 or later
- LOGO File present on macOS device.
- Look over the VARIABLES and configure.
Why is this needed?
Starting with macOS High Sierra, Apple has introduced SecureToken along with the APFS filesystem. Currently when accounts (including the management account) are created with Jamf Pro via a Policy, QuickAdd or DEP (Management Account) these accounts do NOT get a SecureToken. This script will prompt the currently logged in user if they are FileVault Enabled for their macOS password, which is used to FileVault enable the orgAdmin account.
This script has been tested on OS X 10.11.6, 10.12.6 and macOS 10.13.3
Configuring the Script
When you open the script you will find a variables section that will need to be configured. Here you can specify the message that is displayed to the end user while the script is running, your custom logo file, and the orgAdmin credentials (using Encrypted Strings) that you want to FileVault Enable.
For setting up Encrypted Strings, please ensure the USER and PASS both use the same SALT and PASSPHRASE.
https://github.com/brysontyrrell/EncryptedStrings.
These variable should also be using Jamf Pro Parameters and the labels should be specified after upload to Jamf Pro under Settings > Computer Management > Script > {thisScript} > Options
- PARAMETER 4: ADMIN_USER_ENCRYPTED
- PARAMETER 5: ADMIN_PASS_ENCRYPTED
- PARAMETER 6: SALT
- PARAMETER 7: PASSPHRASE
https://www.jamf.com/jamf-nation/articles/146
Example of Script Parameter Labels
Example of Script Parameter in Policy
Video Guide to Setting up Encrypted Strings
Click the video to start playing on YouTube
Related Skills
node-connect
342.5kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
85.3kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
342.5kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
342.5kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
