This applies to computers in Static groups that are members of the following Smart Group: Faculty & Staff (NoMAD).
All steps below MUST be completed or the first logged in user may not be made a “Volume Owner”, and this will prohibit the user from running Software Updates.
Have the first user log in as soon as possible after the computer goes through setup.
The first user (and only the first user) to log in to the computer will automatically be made an Admin.
When prompted to Encrypt, click Allow.
Encryption will be enabled when the first user logs in.
After the first user is logged in and at the desktop screen, have the user immediately log out.
Immediately log back in one more time. Then go into the Self Service App and run Update Inventory.
IT Staff Note -
To verify that a computer is configured correctly after going through the above steps log in to JAMF and search for the computer object.
Once you have selected the computer object check under Inventory > General make sure that:
Disk Encryption is set to Encrypted
Bootstrap is set to YES
Volume Owner lists at least one Netid user account (Admin or Non-Admin)
If you see this you can ignore the volume owner part of the KB article: Volume Owner:
Unsupported Platform: Intel i386
Note:
Unlike the previous deployment of NoMAD Login, you may not have to manually make future users “FileVault Enabled Users.” In our testing, future users on a computer were automatically made FileVault Enabled Users, but this might be dependent on the version of macOS that is installed (or some other factor), so always check.