Environment
Advanced Authentication 6.2
Advanced Authentication 6.3
AAF Client for MacOS X v6.2
AAF Client for MacOS X v6.3
Situation
How to configure FileVault to work with and not bypass the Advanced Authentication MacOS Client protocol/authentication method(s)
By default, if a user logs in with FileVault enabled, this bypasses the Advanced Authentication client protocol and uses the FDEAutoLogin preference.
Resolution
To deactivate the AutoLogin with the FileVault from the MacOS X Client, run the following command:
sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES
NOTE: This option prevents the user that decrypted FileVault from automatically logging in, a feature which ignores loginwindow's general "Disable automatic login" (com.apple.login.mcx.DisableAutoLoginClient) setting.
Additional Information
To reactivate the AutoLogin with the FileVault, run following command:
sudo defaults delete /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin
For more information please see the following FileVault documentation: