This is not possible anymore as far as I am aware. FileVault generates a Secure Token, and you need a secure token to rotate the password of an account with a Secure Token. 

I'm pretty sure @AJPinto is correct. 

Have you looked into using LAPS? Jamf has a built in solution for management accounts (https://learn.jamf.com/bundle/technical-paper-laps-current/page/Local_Administrator_Password_Solution.html ). There are also 3rd party implementations such as PezzaD84/macOSLAPS. 

These are not quite what you're asking as they would require either making a new account or using an existing management account. Still, it might be your best option.

We use LAPS on our Windows machines, and I never even considered there'd be a similar implementation for MacOS.

Honestly, that second one, with the self-service options, looks great for what we need. We already have a local admin on each device, it's just a matter of setting it up with that account from the sounds of it. Thanks for the links!

Glad to help. There was a great talk at JNUC on it this year. I don't think the video is on youtube yet, but it should be soon-ish.

Hello,

@TrentO Thanks for sharing! This is looking great indeed.

I need a sanity check for PezzaD84/macOSLAPS solution. This needs to have LAPS enabled in the Jamf Pro API first correct?

Thank you!

No actually. This is a completely separate LAPS implementation and only relies on Jamf to deploy the policies.

@TrentO Thanks so much for confirming! Really appreciate it.

I'll be testing on a couple laptops first then :)