“My password doesn’t seem to work!”
I recently ran into an issue where my customer was having a problem with the FileVault login window and entering their password. After a bit of troubleshooting, we figured it out. There was a pretty strong password policy in place and being a UK organisation the keyboard was set to British English, but at the FileVault login windows the keyboard was American English. Big problem as the special characters like the “@” or “#” are not in the same spot.
Where does FileVault store the keyboard preferences
Fixing this issue, we needed to find out where does the FileVault login window store the keyboard settings? After some conversations with some really smart people @scriptingosx we found that they keyboard is stored within the NVRAM on the mac.
A simple command sudo nvram prev-lang:kbd="en_GB:2" sets the keyboard to British within the FV window. We could just create a simple policy that ran this command and fix all UK keyboards. That would work for the UK, but what about the rest of the people around the world?
Finding the right IDs for each keyboard
Thanks to the macadmins slack, there was a thread discussing the nvram command, and someone found a list that had all the keyboard IDs within an Apple dat file. The OpenCore projects has a list with all the keyboard layout IDs
How to fix
First we need to get the current user’s default keyboard reading the ID from com.apple.HIToolbox.plist and once we have that we can look up the keyboard from the OpenCore list.
Final script
The final script will find the keyboard, lookup the name/ID and run the nvram command. Easy to add this to a policy during the onboarding process to fix the keyboard on within FV login window.
Hope this helps, it helped the rollout that I was working on.
