The following are the Encryption Management for Apple FileVault issues and limitations.
-
After upgrading Mac OS to 10.13.1, Encryption Management for Apple FileVault may not start encryption if the domain user doesn't have a "secure token" to enable FileVault. Administrators may need to manually apply a secure token to the mobile account. For details, refer to the following Knowledge Base entry:
-
After Encryption Management for FileVault receives the Kill command from PolicyServer , all the user passwords on that device are reset to random characters. However, due to a Mac OS 10.10 security design , the Kill function may become "locked", and users are unable to unlock FileVault on that device.