Once the supplemental 10.13.2 upgrade is installed, I could no longer add AD users to File Vault.
The issue seems to be Secure token is not enabled for AD users the following fixes the issue
Sysadminctl interactive -secureTokenOn <user name> -password <password>
Check with
Sysadminctl interactive -secureTokenStatus user.name
Reboot and you should be able to enable for the new user.name