FileVault Mac OS not being enabled

Michael Novak 81 Reputation points
2021-04-27T07:13:47.88+00:00

Hello all,

I have a really hard time understanding the differences between the "Endpoint Security > Disk Encryption" pane in Endpoint Manager and Devices > Configuration profiles. In both these locations, there is the same macOS FileVault encryption policy I can configure. Can someone explain the difference?

The issue:

I am trying to enable FileVault encryption for macOS for one particular user (E3 license), and when I configure the policy in the 1st location and assign it to a security group, the policy is not getting applied at all. The Company Portal app is in sync, and I can see the device in Devices with an Encryption status of:

Device encryption status

  • Device name: <User's> MacBook Air
  • Encryption readiness: Not ready
  • Encryption status: Not encrypted
  • Profiles:
      • <Our company> MacOS policy
      • <Our company> - a7f54769-67b4-49ce-8100-3ee5ab26bdad_72AE5DD3-237F-4854-8B50-358A310B9565 (this is the Windows 10 policy being applied to the group as well as there are other W10 users in this group)
  • Profile state summary: Pending
  • Status details: Unknown

3 answers

  1. Lu Dai-MSFT 28,356 Reputation points
    2021-04-27T09:13:00.94+00:00

    @Michael Novak Thanks for posting in our Q&A.

    The FileVault settings in the different locations are the same configuration.

    For this issue, I have done a lot of research. This may be caused by the device having already enabled FileVault before enrolling in Intune to receive the FileVault policy. Did you enable FileVault before? If not, log analysis is needed to find the root cause.

    Given the limitations of Q&A, it is not the best channel for such a log analysis case, so we suggest opening a case to check on this. It is free. The following link describes how to open a case; we can refer to it:
    https://learn.microsoft.com/en-us/mem/intune/fundamentals/get-support

    Hope this issue will be solved as soon as possible.


    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Michael Novak 81 Reputation points
    2021-04-27T09:40:09.427+00:00

    Hello, many thanks for your answer. You're correct, it has not been enabled before, as this is a new computer, which has just recently been set up. The Company Portal app is enabled and synced, and I can also see the computer in the Intune (Endpoint Manager) portal with no errors.

    The only information I can find is in Home > Devices > Monitor > Encryption report, where the device is showing "Encryption Readiness: Not ready". The device is a MacBook Air with M1 chip (2020).


  3. Ott Alexander 1 Reputation point
    2021-10-26T14:12:14.96+00:00

    Hi Michael,

    That's interesting, I get the same error message on my M1 MacBook Air. Did you manage to activate FileVault in the meantime?
