Enabling filevault2 for hidden admin account

mksf2019
New Contributor

Fairly new Jamf admin here, so bear with me.

We've got a handful of end-user, in-production machines already enrolled in Jamf that we need to enable FileVault 2 for the hidden admin account that we create during enrollment. We have a policy that enables it for the end user just fine during enrollment, and we had a policy using the "Management Accounts > enable user for FileVault" to enable FileVault for the admin account, but that only works on Sierra. What we ended up doing during enrollment was to run commands from Terminal (sysadminctl interactive -secureTokenOn), then create/delete a user and reboot (not sure why that was required) to enable FV for the admin account. Some machines got missed during the process.

At this point, it would be intrusive to try and touch each of these machines again in person and have to force users who hate rebooting to reboot. I'm wondering if there would be an easier way to do this remotely through a script or another option? Thanks for any advice.


sshort
Valued Contributor

Someone might know of a weird hack to accomplish this, but in general you can't enable FileVault for a hidden user. Any user enabled for FileVault will show up (not hidden) on the FV login screen following a reboot.

If you're using DEP, I would adjust your PreStage to create an additional local admin user (that is not hidden) and then enable FV for that account.
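Before touching any machine, the first step is finding out which ones were missed. The script below is an added example (not from either poster or from Jamf) that audits one account's FileVault and SecureToken state from `fdesetup list` and `sysadminctl -secureTokenStatus`, in the `<result>` format a Jamf extension attribute expects; the account name `hiddenadmin` and the fallback sample output are assumptions for the demonstration, and the checks themselves are plain parsing functions so they can be tried off a Mac.

```shell
#!/bin/bash
# Audit whether a local account is FileVault-enabled and holds a SecureToken.
# Meant to run as a Jamf extension attribute (prints <result>...</result>).
# "hiddenadmin" is an assumed placeholder account name, not one from the thread.
ADMIN_USER="${1:-hiddenadmin}"

# Parse `fdesetup list` output ("username,UUID" per line); succeed if user is listed.
fv_enabled_in_list() {
    local user="$1" list="$2"
    printf '%s\n' "$list" | awk -F, -v u="$user" '$1 == u { found = 1 } END { exit found ? 0 : 1 }'
}

# Parse `sysadminctl -secureTokenStatus <user>` output (it goes to stderr);
# echo ENABLED, DISABLED or UNKNOWN.
secure_token_state() {
    case "$1" in
        *"Secure token is ENABLED"*)  echo ENABLED ;;
        *"Secure token is DISABLED"*) echo DISABLED ;;
        *)                            echo UNKNOWN ;;
    esac
}

# Combine both checks into one status string for reporting.
fv_status_for() {
    local user="$1" fvlist="$2" tokenout="$3" token
    token="$(secure_token_state "$tokenout")"
    if fv_enabled_in_list "$user" "$fvlist"; then
        echo "FV_ENABLED token=$token"
    else
        echo "FV_NOT_ENABLED token=$token"
    fi
}

# On macOS, query the real tools; elsewhere (or for a dry run) use constructed
# sample output in which only the end user is FV-enabled and the admin has no token.
if [ "$(uname)" = Darwin ] && command -v fdesetup >/dev/null 2>&1; then
    FV_LIST="$(fdesetup list 2>/dev/null || true)"
    TOKEN_OUT="$(sysadminctl -secureTokenStatus "$ADMIN_USER" 2>&1 || true)"
else
    FV_LIST="enduser,8A3F2C1B-0000-4000-8000-000000000001
otheradmin,8A3F2C1B-0000-4000-8000-000000000002"
    TOKEN_OUT="sysadminctl[123:456] Secure token is DISABLED for user $ADMIN_USER"
fi

echo "<result>$(fv_status_for "$ADMIN_USER" "$FV_LIST" "$TOKEN_OUT")</result>"
```

Scoping a smart group on the extension attribute's `FV_NOT_ENABLED` value gives a remote list of the missed machines without visiting or rebooting any of them.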