[BUG] When erasing a mac and enrolling user as standard, no secure token is given #543

zpropheter · 2025-03-03T15:48:48Z

Describe the bug
When erasing a mac and enrolling user as standard, no secure token is given

To Reproduce

Trigger Erase-Install to erase and re-enroll a mac
Use Jamf Connect or other Privilege Management Tool to create user as standard during enrollment
Try to enable filevault

Expected behavior
On a new enrollment your first logged in user should be granted a secure token, regardless of privileges. ECAS and MDM wipe perform as expected in same environment.

grahampugh · 2025-03-09T17:34:17Z

This appears to be an issue with startosinstall in circumstances where you skip account creation during enrollment and then create a standard account using Jamf Connect or similar post-enrollment process.

An FB has been opened with Apple as this would appear to be a bug. I would recommend you do the same to raise impact. You may need to remove erase-install from the mix and just use the straight startosinstall --eraseinstall command to get Apple to listen.

zpropheter added the bug Something isn't working label Mar 3, 2025

zpropheter assigned grahampugh Mar 3, 2025

zpropheter changed the title ~~[BUG]~~ [BUG] When erasing a mac and enrolling user as standard, no secure token is given Mar 3, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG] When erasing a mac and enrolling user as standard, no secure token is given #543

[BUG] When erasing a mac and enrolling user as standard, no secure token is given #543

zpropheter commented Mar 3, 2025

grahampugh commented Mar 9, 2025

[BUG] When erasing a mac and enrolling user as standard, no secure token is given #543

[BUG] When erasing a mac and enrolling user as standard, no secure token is given #543

Comments

zpropheter commented Mar 3, 2025

grahampugh commented Mar 9, 2025