MacOS – Active Directory and FileVault

Tags: active-directory, filevault, macos

Is there a way to set up users on Mountain Lion to be available in the FileVault boot screen if the users are Active Directory users managed through Quest Authentication Services (QAS)?

I would like to have the following working:

  • User is managed through AD using QAS
  • FileVault encryption is used for the whole disk, not just the user's home directory
  • The AD user is used in the FileVault boot screen

Is this possible or does anyone use a similar configuration?

Update

Since I haven't received an answer here, and haven't found a way to use both QAS and FileVault, I have removed QAS (now using a local user account again), and then enabled FileVault 2 for the disk encryption. Logging in with the local user works fine.

The downside is that I have to authenticate separately to some network drives now that previously didn't require authentication due to the AD integration, but that's a small price.

Best Answer

In our work environment, I have our Macs bind directly to Active Directory with no service (like QAS) in the middle. The AD user has a local home folder, we do not use Network Homes. We use FileVault 2 with no issues. The AD user's name shows up on the FileVault screen and they are able to unencrypt their laptop with their normal network credentials. So yes, it should work fine unless QAS is adding something bizarre into the mix.
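To verify the configuration the answer describes (Mac bound directly to AD, AD user with a locally cached home folder, account enabled for FileVault 2), here is an added shell script; it is not part of the original answer and not Apple's or Quest's code. It assumes the standard macOS tools `dsconfigad`, `dscl` and `fdesetup`, that `fdesetup list` prints one `shortname,GeneratedUID` line per FileVault-enabled user, and that a cached AD account shows an `OriginalNodeName` under the Active Directory node. The `SAMPLE_FDESETUP_LIST` text is constructed so the parsing part runs on any machine; the live checks only run on a Mac (as root, since `fdesetup list` needs it).

```shell
#!/bin/sh
# Added example: check whether an AD user on an AD-bound Mac is FileVault-enabled.
# Not code from the original answer. Assumes macOS 10.8+ tools listed above.

# Constructed sample of `fdesetup list` output (shortname,GeneratedUID per line),
# embedded so the parsing logic can be exercised without a Mac.
SAMPLE_FDESETUP_LIST='localadmin,1B2C3D4E-0000-4000-8000-000000000001
jdoe,5F6A7B8C-0000-4000-8000-000000000002'

# fv_user_enabled USER LISTING
# Returns 0 if USER appears as an exact shortname in LISTING, 1 otherwise.
fv_user_enabled() {
    user="$1"
    listing="$2"
    printf '%s\n' "$listing" | awk -F, -v u="$user" '
        $1 == u { found = 1 }
        END { exit found ? 0 : 1 }'
}

# check_ad_user USER
# Live checks on a Mac: AD bind, cached (mobile) AD record, FileVault status.
# Returns 2 when the macOS tools are absent (e.g. run on Linux for the parser only).
check_ad_user() {
    user="$1"
    if ! command -v fdesetup >/dev/null 2>&1; then
        echo "fdesetup not found; not macOS, skipping live checks" >&2
        return 2
    fi

    echo "== Active Directory bind =="
    dsconfigad -show

    echo "== Local directory record for $user =="
    # A cached AD account keeps OriginalNodeName pointing at the AD node and an
    # AuthenticationAuthority containing ';LocalCachedUser;'. Absence of a
    # local record means the user has never logged in (no cached account yet).
    dscl . -read "/Users/$user" OriginalNodeName AuthenticationAuthority 2>/dev/null \
        || echo "no cached local record for $user"

    echo "== FileVault =="
    fdesetup status
    if fv_user_enabled "$user" "$(fdesetup list)"; then
        echo "$user is FileVault-enabled (will appear on the pre-boot screen)"
    else
        echo "$user is NOT FileVault-enabled; add with:"
        echo "  sudo fdesetup add -usertoadd $user"
    fi
}

# Offline demonstration against the constructed listing.
fv_user_enabled jdoe "$SAMPLE_FDESETUP_LIST" && echo "jdoe: enabled"
fv_user_enabled asmith "$SAMPLE_FDESETUP_LIST" || echo "asmith: not enabled"

# Live checks when a username is given on the command line (run as root).
if [ -n "${1:-}" ]; then
    check_ad_user "$1"
fi
```

Usage on the Mac itself: `sudo sh check_fv_user.sh jdoe`. If the account shows up in `dscl` but not in `fdesetup list`, the user will not appear on the FileVault pre-boot screen until added with `fdesetup add -usertoadd`; an AD user who has never logged in locally has no cached record and cannot be added until that first login creates one.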