How to change Filevault Personal Recovery Key through Jamf policy

sherwinadrian_d
New Contributor II

Hi guys, I'm a noob here just starting to learn how to use Jamf pro as managing our workstations. I would like to know if there is a way to Change the personal recovery key  of a station after providing it and using it with an end user?

1 ACCEPTED SOLUTION

Ismere
New Contributor III

Hi sherwinadrian_d,

in the Jamf Documentation under this link : https://docs.jamf.com/10.40.0/jamf-pro/documentation/Disk_Encryption_Configurations.html
you will find an explanation how to change the Recovery Key trough a Policy. But keep in mind that there are also some Requirements listed that need to be fulfilled.
Choosing the trigger, frequency and scope for this totally depends on your exact Usage Scenario.
Easiest way would be Check-In, Once per Computer, a static group. Adding a computer to that group after you used the recovery key and flushing it if you ever need to reset it again in the future. More automated or comfortable ways should be possible but then you will need to invest more time into creating the actual workflow for it.

View solution in original post

2 REPLIES 2

Ismere
New Contributor III

Hi sherwinadrian_d,

in the Jamf Documentation under this link : https://docs.jamf.com/10.40.0/jamf-pro/documentation/Disk_Encryption_Configurations.html
you will find an explanation how to change the Recovery Key trough a Policy. But keep in mind that there are also some Requirements listed that need to be fulfilled.
Choosing the trigger, frequency and scope for this totally depends on your exact Usage Scenario.
Easiest way would be Check-In, Once per Computer, a static group. Adding a computer to that group after you used the recovery key and flushing it if you ever need to reset it again in the future. More automated or comfortable ways should be possible but then you will need to invest more time into creating the actual workflow for it.

Hi Ismere,

 

This will be very helpful to me. I will go check this out. I really appreciate your reply!