Manualshelf

System information

ManualsBrandsParallels ManualsSoftwareManagement Suite SCCM
71727374757677787980
72
Parallels Mac Management Features
Finding the Correct FileVaultMaster.keychain File
If you have more than one FileVaultMaster.keychain file and you forgot which one is which, you can
compare the SHA1 fingerprint of the certificate in the file to the fingerprint of the original certificate
that Parallels Mac Management has saved in its database (p. 153). If you know exactly which file
contains
the correct recovery key, skip this and the following sub-sections and read the Unlock the
Disk Using the Institutional Recovery Key sub-section that follows them.
To retrieve the SHA1 fingerprint of the original certificate that used during encryption:
1 In the Configuration Manager console, navigate to the device collection containing the Mac (e.g.
All Mac OS X Systems).
2 Locate the Mac in the list. If you can't find the Mac, read the subsection that follows this one.
3 Right-click the Mac and then click Properties.
4 In the Properties dialog, click the FileVault 2 tab to view the FileVault 2 encryption information
for the Mac. The properties are:
Hardware ID. Contains the Mac hardware ID.
Serial Number. Contains the Mac serial number.
Personal Key. Contains the personal recovery key (will be blank if an institutional key was
used).
Institutional key. Contains the SHA1 fingerprint of the institutional key certificate (will be
blank if a personal key was used).
LVGUUID. The UUID of the logical volume group.
LVUUID. The UUID of the logical volume.
PVUUID. The UUID of the physical volume.
5 Compare the value of the Institutional key property to the fingerprint of the certificate in a
FileVaultMaster.keychain file. The file that has the matching fingerprint contains the correct
institutional recovery key.
If You Can't Find the Mac in Any of the Collections
If the Mac is no longer assigned to the Configuration Manager site (i.e. you can't find it in any of the
device collections), you can still retrieve its FileVault 2 encryption info from the Parallels Mac
Management database (p. 153). The FileVault 2 encryption records are never deleted even for the
Macs that ar
e no longer assigned to the site.
To retrieve the FileVault 2 encryption info for an unassigned Mac:
1 In the Configuration Manager console, navigate to Assets and Compliance / Parallels Mac
Management.
2 Right-click FileVault 2 Encryption Information and then click Properties.