Jamf Nation Community

Hey Jack Turner,

Yes my apologies 😣....

I did a copy of a working script do not have access rights atm need to ask a member of my team.

I think I found the reason of the block maybe.

Script result: VALID password supplied
fdesetup: auth info dictionary path = stdin
fdesetup: use personal recovery key
fdesetup: device path = /
Error: User is not Secure Token enabled.
Error: Unable to unlock or authenticate to FileVault.
Retrieving inventory preferences from https://jss.globalservs.com/...
Finding extension attributes...
Locating applications...
Locating package receipts...
Locating hard drive information...
Locating accounts...
Locating printers...
Gathering application usage information from the JamfDaemon...
Searching path: /Users/dorien.bradt/Applications
Searching path: /System/Applications
Searching path: /Applications
Locating hardware information (macOS 11.5.2)...
Searching path: /Library/Application Support/Microsoft
Submitting data to https://jss.globalservs.com/...
<computer_id>24182</computer_id>

Kind regards,

Arno

We use https://github.com/homebysix/jss-filevault-reissue and it works great. Only downside is it requires the user to input their password via a prompt. But that is how apple wants it.... So our work flow is to use the Smart group to show us whose devices need attention and then have a help desk representative reach out to them. Have them run the policy via Self Service (script and an inventory) and poof jamf will now show the new FV2 Key. 

Tested and working on intel, m1, m2 processors Mojave - Monterey.

Thanks @mojo21221 , I will try out this method.