1 Reply Latest reply on Aug 1, 2014 12:28 PM by dcass8472

    Issues deploying MNE

    dcass8472

      Hopefully someone has had to battle this as well, but I see no discussion on Mcafee Native Encryption for Mac.

       

      I am deploying MNE to about 150 machines and have a few road blocks on about 20% of them.

       

      Here are the issues I have not been able to solve.

       

      If I deploy MNE to a machine when the user is not currently logged into it but the local admin.  The admin is prompted for a password on shutdown and never the user. (I cancel out as admin as I only want the users account to unlock the drive)  I have done several wake-ups from epo with the user logged in as well as from the machine.  Is there a command to make MNE re-survey the user accounts and add the user?

       

      Other machines I've deployed to install successfully but never ask for the users password to enable FV.  last item on Threat Events is Restart Prompt appeared.  Several restarts after but nothing.  Log files show FV is managed and policies are enforced. 

       

      Machines are joined to active directory with mobile accounts for the users.  All machines are running EPO 4.8 and MPEM 2.1.

        • 1. Re: Issues deploying MNE
          dcass8472

          Just in case others need not spend the time recreating the wheel I figured out how to remove/changed the deferred user.

           

          Run

          Sudo fdesetup status

          FileVault is Off.

          Deferred enablement appears to be active for user 'username'.

           

          Look up where the FV plist file is

          Sudo fdesetup showdeferralinfo

          {

              Defer = 1;

              OutputPath = "/path/to/filevault/plist";

              Usernames =     (

                  {username}

              );

          }

           

          sudo fdesetup disable -user {username} -defer  /path/to/filevault/plist

           

          Reboot and login as the desired user and a wakeup from EPO will prompt for restart and their password to enable FV.

           

           

          Investigating my other issue is seems either the prompt isn't happening or my users are not being truthful to me....  Time for a visit.