This document assumes that the the user has already been added to the Filevault configuration. If not, see JumpCloud provisioned users do not appear on Filevault login screen after power cycle.
On macOS, after a password reset and subsequent power cycle using a JumpCloud managed user, the login screen does not accept the new password to decrypt the disk.
Filevault is not currently managed by the JumpCloud agent. MacOS maintains three passwords:
- Filevault (for disk encryption)
- Keychain (for saving certificates, passwords, etc..)
- User password (the final login prior to getting to the desktop)
- Decrypt the disk using the previous password.
- At the user login, use the new password.
- Once logged in, synchronize all passwords. Go to System Preferences > Users & Groups
- Select your account, then select Change Password...
- Enter the new password for all fields. This will synchronize all passwords to the new user password.