High Sierra APFS issue enabling FileVault for user created with sysadminctl

Context:

Start with an unencrypted Mac running High Sierra with APFS

Log in with an admin account to the computer

Create a new user with sysadminctl

sudo sysadminctl -addUser testUser -password 1234 -admin


Part of the stdout says this:

2017-09-20 10:42:27.663 sysadminctl[1099:6538] No clear text password or interactive option was specified (adduser, change/reset password will not allow user to use FDE) !


The password was definitely specified...


Now try to enable FileVault through fdesetup for the testUser account

sudo fdesetup enable -user testUser


I get this:

Error: A problem occurred while trying to enable FileVault. (-69594)



If I use System Preferences to reset the password of testUser, then the error goes away and encryption is successful.


I did file a bug report, but I'm wondering about a workaround that will enable the user to participate in FDE?


Tested on the GM rc 10.13 (17A362a)

Replies

I did file a bug report …?

What was that bug number?

Regardless, you might have better luck asking this question over in Apple Support Communities, run by AppleCare, where you’re more likely to find folks with experience administering FileVault systems.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"