System information

Parallels Mac Management Features

Creating FileVault 2 Configuration Item

To create a FileVault 2 configuration item using a personal recovery key:

Note: If you want to use an institutional recovery key, jump to FileVault 2 Encryption with Institutional

Recovery Key (p. 67).

1 In the Configuration Manager console, navigate to Assets and Compliance / Overview /

Compliance Settings.

2 Right-click Configuration Items and then point to Create Parallels Configuration Item and

click FileVault 2 Configuration Item.

3 Enter the desired configuration item name and description.

4 Select Personal as key type. A personal recovery key will be created automatically for each

Mac during the encryption operation. Each individual key will be stored in the database on the

primary Configuration Manager site and can be retrieved and viewed in the Configuration

Manager console.

Please note that you cannot switch between personal and institutional keys once the encryption

has been performed on Mac computers:

5 Click OK to create the configuration item.

To evaluate Mac computers for compliance, you need to add the configuration item to a baseline

and then deploy it to a Mac collection. See Deploying Configuration Baseline (p. 86) for more

information.

When a Mac is evaluated for compliance, an attempt will be made to enable FileVault 2 on it. The

Mac user will be notified as follows:

1 A message box is displayed informing the user that the Mac is about to be encrypted. The

dialog has two buttons: Encrypt and Postpone.