To help protect a device that might have had its key compromised or to prevent other types of security incidents, the Intune admin may perform a remote device action to rotate the personal recovery key on a corporate macOS device. If the macOS device isn’t encrypted or it was encrypted prior to enrollment, they will not see a personal recovery key. Once they login to the web Company Portal, they can select their FileVault enabled macOS device from the device thumbnails, and click on Get recovery key. The end user may use the Microsoft Intune Company Portal website on any device to access their personal recovery key. This message is shown to end users on the login screen where they enter the personal recovery key instead of a password. For example, they may provide information such as the location of the personal recovery key. On the same settings page, the admin may enter a message to help the end user in case they forget their password and need to locate the recovery key. To set up FileVault on a managed macOS device that is not yet encrypted, the admin configures the FileVault settings located under the Endpoint Protection profile type within Device Configuration navigation of the Microsoft Intune administration console.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |