Encryption Management for Apple FileVault manages Apple FileVault™ to encrypt the entire OS X startup volume, which typically includes the home directory, abandoning the disk image approach. Encryption Management for Apple FileVault manages encryption using Apple FileVault with the user's password as the encryption pass phrase. Encryption Management for Apple FileVault uses the AES-XTS mode of AES with 128 bit blocks and a 256 bit key to encrypt the disk, as recommended by NIST. Only unlock-enabled users can start or unlock the drive. Once unlocked, other users may also use the computer until it is shut down.
Mac OS local accounts or mobile accounts are able to initiate encryption on Mac OS X Mountain Lion or later. Other Mac OS user account types will be unable to initiate encryption.
To create a mobile account for Active Directory on your Mac, see Creating a Mobile Account for Active Directory on Mac OS.