
So I am using the Reissuing FileVault keys with the Casper Suite. Followed this to the T (except the DMG for the ICONS). I am getting the following error:



Executing Policy Reissue invalid or missing FileVault recovery key
Downloading AppleCustomScriptIcon.pkg...
Downloading

Verifying package integrity...
Installing AppleCustomScriptIcon.pkg...
Successfully installed AppleCustomScriptIcon.pkg.
Running script reissue filevault recovery key...
Script exit code: 0
Script result: Alerting user USER about incoming password prompt...
Prompting USER for their Mac password...
Successfully prompted for Mac password.
Issuing new recovery key...
**[warning] FileVault key was generated, but escrow did not occur.
Adding personal recovery key.**

Submitting log to https://comapny.jamfcloud.com/


Any ideas why the escrow doesn't occur? And not getting the key uploaded to my JSS?

Hi @BigToeKnee810 (interesting screen name). I haven't used the script myself, but, just curious if you've set up a Config Profile for these Macs to have FileVault Recovery Key redirection? It's toward the bottom of the payloads list when setting up a Config Profile. See image below.





You need to set it to the following option:





I'm pretty sure that is a requirement to have any new keys redirected and escrowed back to the JSS, but again, I haven't really looked at the script created by homebysix to know for sure. Maybe I'm wrong, but I'd at least check into that avenue, assuming you don't already have that profile setting in place.


@BigToeKnee810 Yes, what @mm2270 says is correct... you have to have that configuration profile set up like he mentioned in order for it to work and redirect the Keys back to the JSS. Otherwise, it will just fail.




Yep that is currently enabled.




Weird. It's working this morning, just tried out of curiosity.


Hi @BigToeKnee810
What OS are you running it on?
I've been trying to run it on the latest Sierra, but after the first "Next", I get no password to type, just an error of 5 attempts.
Did you change anything in the script before running it?



Script exit code: 1
Script result: /Library/Application Support/JAMF/tmp/reissue_filevault_recovery_key: line 1: ill: command not found
Alerting user perfecto about incoming password prompt...
Prompting perfecto for their Mac password...
Prompting perfecto for their Mac password (attempt 2)...
Prompting perfecto for their Mac password (attempt 3)...
Prompting perfecto for their Mac password (attempt 4)...
Prompting perfecto for their Mac password (attempt 5)...
[error] Password prompt unsuccessful after 5 attempts. Displaying "forgot password" message...
Error running script: return code was 1.


Regards,