Posted on 02-28-2022 02:12 PM
Support has recently suggested that i switch with a profile payload for FV2 distribution to config profile instead.
Originally this stemmed from new machines (of multiple different OS's ranging from Catalina to Monterey, not getting FV2 enabled.
Long story short, it seemed like there was an issue with the management account or corrupt prestage enrollment on Apple's side /shrug.
Since the move to FV2 via config profile and no policy payload, the machines all have FV2 enabled, have bootstrap enabled, have secure token, but when i look in JSS, the individual recovery key is "Unknown",
Tried on the same machine after multiple wipes and the result is always the same. Is there a solution that allows the config profile to properly handle the enablement and escrowing of FV2 on machines? Maybe there is something i am missing here :(
Posted on 02-28-2022 02:59 PM
I started seeing this in a couple of Macs as of lately.
Posted on 02-28-2022 09:36 PM
Reach out to Jamf support I think is a known issue... We were able to just rotate/issue a new key with standard policy... You may have to run a script first for the "rotate" to work..
C