Looking to hear from anyone who's got institutional keys working and has decrypted them successfully.
We've setup FV2 on casper, currently in testing. Individual Recovery Keys are synced back to the JSS. We have a Master Key uploaded to the JSS, and Institutional Keys enabled in the policy.
However, on our test Macs, once they are encrypted, we can't find the Master Key in either the system library, or encryption-enabled users folders. Is this expected behavior? My understanding is that the key needs to be present in order for the decryption to work?
I have a post on Institutional Recovery Keys (IRKs) and how they work, available via the link below: