Using Mac OS X 10.7 Filevault with Centrify DirectControl



Similar documents
Administering FileVault 2 on OS X Mavericks with the Casper Suite v9.2 or Later. Technical Paper October 2013

How To Sync Google Drive On A Mac Computer With A Gmail Account On A Gcd (For A Student) On A Pc Or Mac Or Mac (For An Older Person) On An Ipad Or Ipad (For Older People) On

Administering FileVault 2 on OS X Lion with the Casper Suite. Technical Paper July 2012

Understanding offline files

Joining my MAC laptop to the domain

Using Apple Remote Desktop to Deploy Centrify DirectControl

Sophos SafeGuard Native Device Encryption for Mac Administrator help. Product version: 7

Installation Guide - Client. Rev 1.5.0

How To Use 1Bay 1Bay From Awn.Net On A Pc Or Mac Or Ipad (For Pc Or Ipa) With A Network Box (For Mac) With An Ipad Or Ipod (For Ipad) With The

Installation and User Guide. MQLink Version 3.0 (Java)

Contents. Getting Started...1. Managing Your Drives Backing Up & Restoring Folders Synchronizing Folders Managing Security...

Macintosh Printer Management using Centrify DirectControl Group Policies

Centralized Mac Home Directories On Windows Servers: Using Windows To Serve The Mac

Sophos SafeGuard Native Device Encryption for Mac quick startup guide. Product version: 7

MICROSOFT OUTLOOK 2011 SYNC ACCOUNTS AND BACKUP

ONE Mail Direct for Desktop Software

CENTRIFY TRAINING CLASS Centrify Suite Standard Edition - Mac OS X Training Course Details. Format: 100% lecture including demonstrations.

Setup and Configuration Setup Assistant Migration Assistant System Preferences Configuration Profiles System Information

10 steps to better secure your Mac laptop from physical data theft

Active Directory Compatibility with ExtremeZ-IP. A Technical Best Practices Whitepaper

How to install and use the File Sharing Outlook Plugin

Sophos SafeGuard File Encryption for Mac Quick startup guide. Product version: 6.1

Cloudifile: Frequently Asked Questions

Creating Home Directories for Windows and Macintosh Computers

Install Sophos SafeGuard Native Device Encryption on Mac OS X

The following was taken directly from the ARD (Apple Remote Desktop) operator s manual:

Welcome to Panther Find out what you can do with Mac OS X and Mac OS X applications

Seagate Manager. User Guide. For Use With Your FreeAgent TM Drive. Seagate Manager User Guide for Use With Your FreeAgent Drive 1

Centrify Identity Service and Mac - Online Training

How to Password Protect Files & Folders in Mac OS X with Disk Images

FTP Accounts Contents

Enabling Backups for Windows and MAC OS X

How to Encrypt your Windows 7 SDS Machine with Bitlocker

SecureLock Tool Functions:

Colligo Engage for Mac. Release Notes

DeployStudio Server Quick Install

Symantec Endpoint Encryption (SEE Client) Installation Instructions. Version 8.2

Xopero Backup Build your private cloud backup environment. Getting started

OS X 10.6 SNOW LEOPARD: KEYCHAIN ACCESS MANAGING & UNDERSTANDING KEYCHAIN

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

AutoCrypt 2.1 User Guide!

SuperOffice AS. CRM Online. Installing the Citrix Online Web plug-in

Open Directory. Contents. Before You Start 2. Configuring Rumpus 3. Testing Accessible Directory Service Access 4. Specifying Home Folders 4

Mac Basics: Time Machine backs up your Mac

IceWarp to IceWarp Server Migration

Mac OS X Secure Wireless Setup Guide

Active Directory Compatibility with ExtremeZ-IP

Changing Your Cameleon Server IP

Installing Your Multifunction to Your Network for the First Time

Hi-Speed USB Flash Disk User s Manual Guide

SecureDoc for Mac v6.1. User Manual

AppleShare Client User s Manual

i>clicker v7 Gradebook Integration: Blackboard Learn Instructor Guide

1 Getting Started. Before you can connect to a network

Vodafone Hosted Services. Getting your . User guide

Mobile Device Security and Encryption Standard and Guidelines

Introweb Remote Backup Client for Mac OS X User Manual. Version 3.20

FAQ. How does the new Big Bend Backup (powered by Keepit) work?

CONNECT-TO-CHOP USER GUIDE

6) Click the lock in the lower left corner of the Directory Utility Window and authenticate with the local administrator account s credentials.

I. Configuring Digital signature certificate in Microsoft Outlook 2003:

Hallpass Instructions for Connecting to Mac with a Mac

McAfee Endpoint Encryption Hot Backup Implementation

McAfee Endpoint Encryption 7.0 Users Guide and FAQ

VIVIDESK Desktops can be accessed with a Macintosh Computer by one of two methods:

Chapter7 Setting the Receiving PC for Direct Upload. Setting the Receiving PC for Direct Upload For Windows For Macintosh...

PC Requirements and Technical Help. Q1. How do I clear the browser s cache?

Office 365 Mail: Mac Mail OS X

FileMaker Server 7. Administrator s Guide. For Windows and Mac OS

Installing Your Multifunction to Your Network for the First Time

Installing Your Multifunction to Additional Computers on Your Network. PIXMA MX340/ PIXMA MX350/ PIXMA MX870 Mac OS

Keeping Data Safe. Patients, Research Subjects, and You

Do I need to install anything on my computer to use the VC?

Mac OS X User Manual Version 2.0

FileMaker Server 8. Administrator s Guide

NotifyMDM Device Application User Guide Installation and Configuration for Windows Mobile 6 Devices

Remote Working from a Mac computer

Configure SecureZIP for Windows for Entrust Entelligence Security Provider 7.x for Windows

Frequently Asked Questions

10 Ways to Not Get Caught Hacking On Your Mac

Common SofTest Troubleshooting Techniques

Automating client deployment

Vtiger CRM Outlook Plugin Documentation

Installing Microsoft Outlook on a Macintosh. This document explains how to download, install and configure Microsoft Outlook on a Macintosh.

Protecting GoldMine CRM database with DbDefence

Encrypting with BitLocker for disk volumes under Windows 7

2.6.1 Creating an Acronis account Subscription to Acronis Cloud Creating bootable rescue media... 12

Binding an OS X computer to Active Directory at NEIU (Existing User)

IBM Rapid Restore PC powered by Xpoint - v2.02 (build 6015a)

Brivo Directory Agent. User Guide

GET INTO OFFICE 365: OneDrive for Business Guide

The safer, easier way to help you pass any IT exams. Exam : 9L OS X Server Essentials 10.8 Exam. Title : Version : Demo 1 / 6

Manage Your Mac with Active Directory Group Policies

Device Enrollment Guide

Transcription:

Using Mac OS X 10.7 Filevault with Centrify DirectControl August 2011, Revision 2 OS X 10.7's Filevault has the ability to encrypt the entire disk. Full Disk Encryption is compatible with Centrify Active Directory users. However, only Active Directory users configured as mobile users with portable home directories can be granted the authority to unlock the disk. Configuring Active Directory Users with Mobile Home Directories A regular Active Directory user is known as a network user on the Mac. The Mac does not have a user record defined locally in the Users and Groups System Preference panel for this user. A mobile home directory user is both an Active Directory user and someone with a user record defined locally. A mobile home directory user also has a home directory somewhere on the network. When a mobile user is created, the network home directory is linked to the local home directory on the machine. The Mac OS then keeps the two home directories in sync whenever the machine is on the network. Note the user is defined as a Network user 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 1

Filevault encryption requires the Active Directory user to be a mobile user. It requires the user to have the local account record present in the Users and Groups System Preference panel. To create a mobile account for a user, unlock the control panel, then press the Create button next to the Mobile account label. If you want to have the user s home directory synchronized with the network directory, then configure the synchronization settings to automatically sync the home folder. It is possible to configure a mobile user that has no network home directory. Set the Sync popup to Manually and unselect all the listed folders. This will configure the system so that no directories are linked and that syncing would never occur without user intervention. Press the Create button. After creating the mobile account, the user s record will now be listed as a Mobile user. You can also use Centrify s Group Policy modules to configure Mobile Home Directories for all Macs in your environment. Consult the Macintosh Support Center at http://www.centrify.com/support/macsupport-center.asp for more details on Group Policy and Mobile Home directories. 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 2

Enabling Filevault You turn on full disk encryption in the Security and Privacy -> Filevault system preference. You have to specify which users are authorized to unlock the disk. This dialog will include local user accounts and Active Directory users with mobile accounts. You will be presented with a Recovery Key. 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 3

It looks similar to this: It's important to write this down somewhere. If you do not save this key, you can't decrypt your disk if you lose the user passwords. You can also choose to store it with Apple. 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 4

After you turn on Full Disk Encryption, it may take 6-10 HOURS for the encryption to complete. (It didn t really take 19 days to decrypt the disk.) 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 5

Logging on After the computer is restarted, the Mac displays the list of users who can unlock the disk and login. This list can include local users and Active Directory users with portable home directories. It does NOT provide you with a username/password entry dialog box. After the disk has been unlocked and a user has logged in, then it's possible to have other Active Directory users log in. You can then log out, and will get a username/password dialog box, or you can use the Fast User Switch function to enter a different Active Directory user account. Adding Additional Active Directory Users You can authorize additional Active Directory users to unlock the disk by going back to the Security and Privacy -> Filevault system preference. Note the "Some users are not able to unlock the disk." notice. Press the "Enable Users" button to select more users. 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 6

Enable your additional users here. 2011 CENTRIFY CORPORATION. ALL RIGHTS RESERVED. PAGE 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information