Using diskutil to find secure token users on a Mac

Typically, to find out of if a user account on a Mac has a secure token, you run a command like sysadminctl -secureTokenStatus username Where username is the username of the account you’re checking for a secure token. Several folks on the MacAdmins Slack have mentioned that the most accurate way to get the secure… Continue reading Using diskutil to find secure token users on a Mac

Command to add a secure token to a macOS user account

If you run sysadminctl -secureTokenStatus firstuseraccount and see a secure token is enabled for that first account but run sysadminctl -secureTokenStatus seconduseraccount and see a secure token is not enabled for that second account, you can try adding a secure token to the second account, so it can turn on FileVault or become a FileVault-enabled… Continue reading Command to add a secure token to a macOS user account