=== Notice ===
This group policy should only be used for admins who are not able to use the non-ADMX setting under:
Computer Configuration -> Centrify Settings -> Mac OS X Settings -> Security and Privacy -> FileVault 2 -> Enable FileVault 2
Non-ADMX settings will take precendence over this ADMX setting.
=== Setting Instructions ===
Enable this group policy to enable FileVault 2 using institutional recovery key.
Under ADMX Settings, Go to Security and Privacy -> File Vault 2 -> Use Institutional Recovery Key
1. Click Enabled
2. On your Mac, run the following in Terminal to output the certificate file the certificate you plan to "upload" in hex format: xxd -p {certificate filename}
3. Copy the output from (3) and paste it into "Certificate content in HEX:" without the newlines and spaces so that it's all one uninterrupted string.
For detailed information please read the FileVault 2 group policy section in document "Admin Guide for OS X".
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Mac\Security\FileVault2 |
Value Name | PersonalEnable |
Value Type | REG_SZ |
Enabled Value | 0 |
Disabled Value | 1 |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Mac\Security\FileVault2 |
Value Name | Cert |
Value Type | REG_SZ |
Default Value |