I am looking for a solutions to get the recovery key in my JAMF console for those mac devices recovery key is missing, but user should be interrupted. I can see it has happened for both personal and institutional key. What is the main concept of personal recovery key validation, some time it is showing invalid or unknown but recovery key is there, strange! Please help to understand and also with a perfect resolution I am looking for. BTW device is getting encrypted by a config profile and to escrow the key in JAMF.
We're also seeing some machines that have had new FV recovery keys (PRK) issued followed by a recon, which does update it in Jamf. Fast forward a week or so and those same machines are back on the list of "unknown" with some of them not having the key available once again while others just have the status of "unknown".