HT1237: EFI and SMC firmware updates for Intel-based Macs

Learn about EFI and SMC firmware updates for Intel-based Macs
Mimi008
Level 1 (0 points)

Q: Recovery key and external drive

Is there a way to retrieve the recovery key on JAMF (JSS) server when external drive (ie USB flash drive) is encrypted using Filevault 2 running on Mavericks OS X 10.9.2? Please advise. Thank you.

MacBook, Mac OS 9.2.x

Posted on May 6, 2014 6:37 PM

Close
Mimi008

Q: Recovery key and external drive

  • All replies
  • Helpful answers

  • by Strontium90,

    Strontium90 Strontium90 May 8, 2014 4:18 AM in response to Mimi008
    Level 5 (4,087 points)
    Servers Enterprise
    May 8, 2014 4:18 AM in response to Mimi008

    Was the drive encrypted using a JAMF policy?  If not, I do not believe so.  While I have not supported the encryption of external drives, I will use an experience to support my response. 

     

    I had a user who was granted admin rights (why, I don't know).  The user enabled FileVault via our policy.  Then the user perceived the FileVault was causing problems so the users disabled it and decrypted the drive.  Then, once the user realized that they would probably get in trouble for this, then manually enabled it.  So while my smart group shows FV is enabled, my decryption key stored in the JSS does not match that on the unit.

     

    I would suggest investigating a method of providing a self-service policy for external drives.  Once again, in all my JAMF deployments, I have not had the requirement of encrypting external drives.

     

     

    R-

    Apple Consultants Network

    Apple Professional Services

    Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store