Before you begin configuring FileVault 2

Be aware of the following requirements and limitations when configuring FileVault 2 through Centrify group policy:

  • The Mac computer must be running OS X 10.9 or above.
  • The Mac computer must have a recovery partition — generally, this partition is created by default during Mac OS X or macOS installation.
  • FileVault 2 must not be enabled on the Mac computer (through the Security & Privacy System Preference).

    If it is already configured, configuring FileVault 2 through Centrify Management Services for Mac will have no effect.

  • Enabling FileVault 2 protection disables auto log on for the Mac computer.

  • FileVault 2 protection does not support smart card authentication at start up of the computer.

    The Apple technical white paper, "Best Practices for Deploying FileVault2" provides more information about using FileVault 2; specifically, the section “Two Factor Authentication” discusses the limitations of using FileVault 2 with alternate authentication methods such as smart cards.