4 Replies Latest reply: Feb 14, 2014 4:08 PM by Kitty.Hello
timaceuk Level 1 (40 points)

It's really quite annoying that OSX Lion auto logs in to the admin account used to authenticate filevault.

 

I thought the server admins and avid cmd prompters out there might have a solution for me.

 

basically i want to auth filevault 2 FDE (If it is classed as Full Disk Encryption) with my admin password and then be presented with the username and password prompt.

 

any help appreciated

 

TimaceUK

  • Linc Davis Level 10 (192,897 points)

    If you want to log in as another user, authorize that user to unlock FileVault.

  • timaceuk Level 1 (40 points)

    Unfortunately this is not possible. I like the fact that my disk is essentially FDE as I work in an education environment. FDE means it's easier for me to dispose of equipment at EOL.

     

    But what I want is to be able to turn on the machines in the morning with FDE enabled and authenticate but then be prompted for the network users login credentials, then all I have to do is type the password and hit enter, not then manually log out of every machine or go back to my office to ARD logout.

     

    This is a simple request that must be possible

  • Linc Davis Level 10 (192,897 points)

    With fast user switching enabled, you can log in as an FV user, and then switch to whatever account you want, with or without logging out. If you just log out, you'll be left at the login screen. I'm not sure I understand why this doesn't work for you, but if it doesn't, then maybe one of the third-party FDE products such as PGP or CheckPoint would meet your needs.

  • Kitty.Hello Level 1 (0 points)

    It seems that what you really want is to automate the logout process of the admin user you use to unlock the FDE drive.

     

    I would try creating a specific user for this (eg: FDE), add that user to filevault, then add a login script that immediatly log the user out.

     

    Once you boot the machine, just log in as the FDE user and once the drive is unlocked it should send you back to the login screen.

     

     

    Here is a link on how to create login time scripts:

    https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/BPSystem Startup/Chapters/CustomLogin.html