I have a configuration profile set to enable FileVault upon enrollment & escrow the personal recovery key. This is working great, but here & there we had some keys not get escrowed, even after the computer inventory updated several times. I recently enrolled four computers and all four did not get their key escrowed. I am not sure what's going on - has anyone else experienced this?
Each computer's encryption status is as follows:
it does work great, however, the whole point of the configuration profile is to enable + escrow the recovery key(?)
If I onboard someone remotely, I have to inform them the prompt is legit and rely on them to respond to it.
Maybe give the logout option a shot...best of luck.
Also, make sure (seen this a bunch of times) that there is no other profile with FV settings in there that can be causing troubles...it can get hard to keep track so each profile here is a unique setting and no more.
I am seeing this same exact behavior (seems like ever since around September 2021. Now it seems almost all new enrollments have their key missing inside Jamf. Using a script to re-issue keys isn't a solution. The config profile is supposed to work, but doesn't.
@greenabundance Did you ever solve this in your environment?
Possibly splitting hairs, but I'm trying to see the difference between using this reissueKey.sh script and using a Disk Encryption Policy that issues a new recovery key. https://docs.jamf.com/10.24.1/jamf-pro/administrator-guide/Issuing_a_New_FileVault_2_Recovery_Key.ht...
I'm not sure if this is the same issue. All of our Mac's successfully escrow the personal recovery key when they are enrolled. But we have another policy that is scoped to a smart group ("FileVault 2 Individual Key Validation" is not "Valid" AND "FileVault Enabled" is "On") and every once in a while it seems that some Mac's for whatever reason suddenly falls into this category.
It appears that when this happens, the Personal Recovery Key is actually still there, but "Personal Recovery Key Validation" reports as "Unknown".