Manualshelf

System information

ManualsBrandsParallels ManualsSoftwareManagement Suite SCCM
71727374757677787980
71
Parallels Mac Management Features
After the Macs have been encrypted, the best way for the system administrator to monitor the Mac
encryption status is to configure the baseline containing the FileVault 2 configuration item to run as
often as necessary (e.g. daily). If an unauthorized change have been made to the FileVault 2
encryption, the baseline run will fail and will report an error to Configuration Manager. The system
administrator will be able to see it and check the hardware inventory record for a particular Mac.
Note: You should be aware of one scenario when the FileVault 2 encryption status may not be reported
accurately in the Mac hardware inventory. This will happen when a Mac is removed from the
Configuration Manager site, the Parallels Mac Client is uninstalled from it, and the Mac is then assigned to
the site again. If the Mac was encrypted with FileVault 2 prior to removing it from the site, the encryption
status will be reported as Encrypted by a 3rd party. To make the status to report accurately, you'll need
to decrypt the disk and then encrypt it again.
Recovering Encrypted Disk Using Password
If a FileVault 2 encrypted disk becomes unbootable, and the Mac user knows his/her password
(and is authorized to unlock the disk), use the following steps to unlock the disk:
1 Boot your Mac from the Recovery HD partition by holding down Command –R.
2 Use the following command to list the available Core Storage volumes:
$ diskutil cs list
3 Look for the UUID of a Logical Volume, usually the last in the list. Select and copy the UUID to
be used in the next step.
4 Use the following command to unlock the disk. Be sure to insert the UUID from the previous
step:
$ diskutil corestorage unlockVolume UUID -stdinpassphrase
5 When asked, enter the password of an account that's authorized to unlock the disk.
6 If successful, the drive will unlock and mount. You'll be able to back up the data using Disk
Utility, or by using a command line tool such as ditto.
7 Once the disk is unlocked, you can decrypt it by executing the following command:
$ diskutil corestorage revert UUID -stdinpassphrase
Once the volume is decrypted, you'll have full access to your hard disk.
Recovering Encrypted Disk Using Institutional Key
A recovery may be needed if a FileVault 2 encrypted disk becomes unbootable and/or if a Mac user
forgets their password.
To unlock an encrypted disk using an institutional recovery key, you need the original
FileVaultMaster.keychain file that contains the recovery key. You must also know the master
password that you've set when you created the file.