FileVault Settings

Jamf Connect Documentation

Solution
Application: Jamf Connect
Content Type: Technical Documentation
Utilities & Services
ft:locale: en-US

Domain —
com.jamf.connect.login
Description —
Used to configure how FileVault is enabled with Jamf Connect.


Setting	Description
Enable FileVault `EnableFDE`	When enabled (set to true), FileVault is enabled for the first user that logs in to a computer. `<key>EnableFDE</key> <false/>`
Save FileVault Recovery Key `EnableFDERecoveryKey`	When enabled (set to true), Jamf Connect will store the personal recovery key (PRK) in `/var/db/NoMADFDE` unless otherwise specified. `<key>EnableFDERecoveryKey</key> <false/>`
Set Recovery Key Filepath `EnableFDERecoveryKeyPath`	Specifies a custom file path for the PRK rather than using /`var/db/NoMADFDE` by default. `<key>EnableFDERecoveryKeyPath</key> <string>/usr/local/filevault</string>`
LAPS User `LAPSUser`	An existing local administrator account that Jamf Connect can change the password to the personal recovery key. This setting is only used by Jamf Connect to help enable FileVault for standard accounts on macOS 10.15.x. This setting should not be used on computers with macOS 11 or later. `<key>LAPSUser</key> <string>AdminUser</string>`