Adding FileVault-authorized users

You can assign only one user as the “Managed By” user for the computer in Active Directory. If you want to authorize additional users to manage FileVault 2 protection, you must do so on the Mac computer by performing either one of the following procedures.

To authorize FileVault 2 users by using System Preferences

1. On the Mac computer, open System Preferences > Security & Privacy.
2. Click the FileVault tab, and if necessary, unlock the padlock.
3. Click the Enable Users button and an account list pops up.
4. Click Enable Users to add and enter password of that user.

To authorize FileVault 2 users by using Terminal commands

1. On the Mac computer, open the Terminal application.
2. Run the following command:

   sudo fdesetup add -usertoadd user1

   If prompted, enter the sudo password.

3. When prompted, enter the primary FileVault-authorized user name — this is the user who you specified to manage FileVault 2 (in Assign an Active Directory user who is authorized to manage an encrypted disk).

4. When prompted, enter the password for the primary FileVault-authorized user.

5. When prompted, enter the password for the new user who you specified on the command line (user1 in this example).