Confirming FileVault 2 protection on multiple computers

An administrator can verify the FileVault 2 status of multiple Mac computers that are enrolled in the Centrify identify platform.

Note:   Centrify Management Services for Mac allows you to both join a computer to a domain and enroll the same computer in the Centrify identify platform. To enroll a computer in the Centrify identify platform that is already joined to a domain — to take advantage of FileVault 2 reporting or for any other reason — see Managing a Mac that is joined and enrolled

After you have enrolled one or more Mac computers in the identify platform, you can verify their FileVault 2 status by logging into the Cloud Manager administrator’s web portal. A user can see the FileVault 2 status of his or her computer by logging into the Centrify user portal.

To verify the FileVault 2 status of computers enrolled in the identify platform: (deprecated)

  1. Log in to Cloud Manager.
  2. Click the Devices tab to see a list of enrolled devices.
  3. Click the name of any particular computer to see its FileVault 2 status:

    Note:   For OS X versions 10.8 and lower, Cloud Manager shows the FileVault 2 status as ‘Unknown’.

Cloud Manager displays FileVault 2 status when the device is enrolled and updates the status at the regular device polling interval (24 hours by default). Turning on FileVault 2 (encryption) and turning it off (decryption) requires rebooting the computer to take effort. Therefore, the FileVault 2 status depends on the setting (on or off), and whether the computer has been restarted. For example, if FileVault 2 encryption is on, but the computer has not been restarted, Cloud Manager will show FileVault 2 status as ‘Disabled’. Once the computer has been restarted, even if encryption is still in progress, status will show as ‘Enabled’. Likewise for decryption; if FileVault 2 encryption is turned off, the status will show as ‘Enabled’ until the computer is restarted.