search cancel

Automatic Login enabled after the Symantec Endpoint Encryption client initiates File Vault encryption

book

Article ID: 150968

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

 

Resolution

Historically, after File Vault is enabled on a system, a "Preboot" login page would be displayed in order to unlock the File Vault encrypted system.  Once this passphrase was entered, the regular Mac OS X login page would be displayed.

After a system is encrypted with File Vault on Mac OS X 10.14 (Mojave), there is only one login required by default.  This behavior is normal and happens because Single Sign-On is enabled on the system.

This can be disabled by following the steps provided by Apple:

sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES

 

Using the following command will allow AutoLogin to occur when File Vault is enabled:

sudo defaults delete /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin


Note: This Single Sign-on feature has been available since Mac OS X 10.9 (Mavericks), however all previous operating systems had the feature disabled by default.


In order to check if a system is encrypted with File Vault, run the following commands via Terminal:

diskutil apfs list

Upon running the above command, look for the name of the drive in question.  In the command line results, look for "File Vault" and this will list either "Yes" for encrypted, or "No" for not encrypted.  If encryption is currently ongoing, will list a percentage.  When it lists "Unlocked", this means the drive has been authenticated.  If this was a drive that was slaved to another system, without entering the passphrase, the disk would be in a "Locked" status.

sudo fdesetup status

Upon running the above command, File Vault will state "On" if the system is encrypted, or "Off" if it is not encrypted.  If the encryption/decryption process is in progress, a percentage will be displayed.

In order to find out a list of users, run the following command:

sudo fdesetup status