Applies to: Mac systems 10.10-12.x with FileVault enabled. For 10.13.x, see Managing users with High Sierra, Filevault, and APFS
After provisioning a new user to a macOS system using the JumpCloud agent, on a power cycle, the new user does not show up on the Filevault login screen.
The JumpCloud agent does not currently auto-provision users to FileVault to enable them to decrypt the drive.
There are several methods for enabling a user to decrypt FileVault:
Command line (One or few users)
Command line script (Many users)
1. Go to the System Preferences > Security and Privacy
2. Select the FileVault tab, and click the lock in the lower left corner to make changes
4. Click "Enable Users..."
5. Select the users you wish to allow to decrypt the disk, and click "Enable User..."
6. Enter the user's password and click OK:
If adding one or just a few users, this can be accomplished on the command line as root. The root password or current Filevault recovery key, as well as the user's existing password, are required. In this example, the user 'fvuser' is being added:
myMac:~ root# fdesetup add -usertoadd fvuser Enter a password for '/', or the recovery key: Enter the password for the added user 'fvuser': myMac:~ root#fvsetup.sh and fvusers.plist