You can assign only one user as the “Managed By” user for the computer in Active Directory. If you want to authorize additional users to manage FileVault 2 protection, you must do so on the Mac computer by performing either one of the following procedures.
To authorize FileVault 2 users by using System Preferences
- On the Mac computer, open System Preferences > Security & Privacy.
- Click the FileVault tab, and if necessary, unlock the padlock.
- Click the Enable Users button and an account list pops up.
- Click Enable Users to add and enter password of that user.
To authorize FileVault 2 users by using Terminal commands
- On the Mac computer, open the Terminal application.
- Run the following command:
sudo fdesetup add -usertoadd user1
If prompted, enter the
sudopassword. -
When prompted, enter the primary FileVault-authorized user name — this is the user who you specified to manage FileVault 2 (in Assign an Active Directory user who is authorized to manage an encrypted disk).
-
When prompted, enter the password for the primary FileVault-authorized user.
-
When prompted, enter the password for the new user who you specified on the command line (
user1in this example).
Doc Feedback