When FileVault 2 is on and you restart the machine, or shut down and turn on the Mac, ONLY the local user appears for login and it does not show 'Other' to allow other users to log in. We have our customers set up with Active Directory accounts and they do not appear when the Mac has restarted. It is fine when the user ONLY logs off, because the 'Username' & 'Password' fields appear again.

My understanding is that since FileVault 2 is on, it needs a local account to unlock the disk in order for other users to use the Mac. So when the Mac is turned on or has restarted it only shows the local accounts listed.

Example:

In the attachment, a customer logged in with their Admin Network account, installed software that required a restart, the Mac booted back up and ONLY shows the local account with no other option.

@thatmp7 When a Mac is booted to the FileVault login screen it's not on the network, so it's not possible to log in via a network only account at that point.


If you're on 10.13 (or later) with APFS disk format, then the expected behavior is that once a local admin account is enabled for FileVault, any additional local users that are created will be automatically granted a secureToken, which allows them to unlock the disk at the FileVault screen. AD mobile accounts will get a pop-up dialog at first login requesting a local admin with secureToken to enable secureToken. This allows the AD user to unlock at the FV screen.

You can run "sysadminctl -secureTokenStatus ADUserNameHere". If it returns disabled, then not having that secureToken attribute is why they can't log in at that point.
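As an added illustration of the check described in this reply (not code from the thread or from Jamf), the script below parses the status line that sysadminctl -secureTokenStatus prints, cross-references it with the users fdesetup list reports as able to unlock the volume, and, when run on a Mac, audits every local account at once. The sample outputs and the user names in them are constructed for the example; the output wording it matches ("Secure token is ENABLED/DISABLED for user …" and the "user,UUID" lines from fdesetup list) is what those macOS tools print as of 10.13.

```shell
#!/bin/sh
# Audit which accounts can unlock FileVault at boot:
# secureToken status (sysadminctl) plus FileVault enablement (fdesetup).

# Reduce one sysadminctl -secureTokenStatus output line to ENABLED/DISABLED/UNKNOWN.
# sysadminctl writes this line to stderr, so callers capture with 2>&1.
token_state_from_output() {
  case "$1" in
    *"Secure token is ENABLED"*)  echo ENABLED ;;
    *"Secure token is DISABLED"*) echo DISABLED ;;
    *)                            echo UNKNOWN ;;
  esac
}

# Given the text of `fdesetup list` (one "username,UUID" per line) and a
# user name, print yes if that user is enabled to unlock FileVault.
fv_enabled_for() {
  fvlist="$1"; user="$2"
  if printf '%s\n' "$fvlist" | cut -d, -f1 | grep -qx -- "$user"; then
    echo yes
  else
    echo no
  fi
}

# Combine both checks into one verdict for a user: only a user that has a
# secureToken AND is in the fdesetup list will be offered at the FV screen.
can_unlock_at_boot() {
  token_state="$1"; fv_state="$2"
  if [ "$token_state" = "ENABLED" ] && [ "$fv_state" = "yes" ]; then
    echo can-unlock
  else
    echo cannot-unlock
  fi
}

# Real-system audit (macOS only): iterate local accounts with UID >= 500,
# which is where AD mobile accounts and admin users land.
audit_fv_unlock_users() {
  fvlist=$(fdesetup list 2>/dev/null)
  for u in $(dscl . -list /Users UniqueID | awk '$2 >= 500 {print $1}'); do
    out=$(sysadminctl -secureTokenStatus "$u" 2>&1)
    tok=$(token_state_from_output "$out")
    fv=$(fv_enabled_for "$fvlist" "$u")
    printf '%s\tsecureToken=%s\tfdesetup=%s\t%s\n' \
      "$u" "$tok" "$fv" "$(can_unlock_at_boot "$tok" "$fv")"
  done
}

# Constructed sample outputs (not captured from a real machine) so the
# parsing can be exercised without macOS:
SAMPLE_TOKEN_ENABLED='2024-01-01 10:00:00.000 sysadminctl[123:456] Secure token is ENABLED for user jdoe'
SAMPLE_TOKEN_DISABLED='2024-01-01 10:00:01.000 sysadminctl[123:457] Secure token is DISABLED for user adsmith'
SAMPLE_FDESETUP='localadmin,11111111-2222-3333-4444-555555555555
jdoe,66666666-7777-8888-9999-000000000000'

# Uncomment on a Mac to run the live audit:
# audit_fv_unlock_users
```

A user whose secureToken is ENABLED but who is missing from fdesetup list still will not appear at the pre-boot screen; that is the case the linked Jamf thread covers, and this audit makes the two conditions visible side by side.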


@sshort Correct, our Macs are on 10.13 and later. AD accounts are enabled for FV. However, I tried the command line and the AD account is ENABLED for Secure Token. I still cannot log in with my AD account after a restart or boot up. It'll have to be a local account first, log off the local account, then any account can log in. We have too many Macs for the IT folks here to go one by one to log in with the local account first so the customer can log in if a Mac happened to restart or shut down unexpectedly.


@thatmp7 The AD configuration on the Macs where you want to be able to use AD accounts to unlock FV will need to have mobile accounts enabled.


@sdagley Mobile accounts are enabled, still the same issue.


@thatmp7 Have you verified the mobile account for the AD user account you're trying to use for FV access has been created?


https://www.jamf.com/jamf-nation/discussions/26108/users-added-to-file-vault-but-don-t-show-up-to-unlock-it

This post has solved my issue, if anyone comes across this.