@Bongardino I never thought about this. I always just assumed it
replaces the old personal recovery key but never tested using an old
one. Our users never had their personal keys anyway though (back when we
were manually encrypting laptops before we ...
@Bongardino @gskibum This workflow should still work but we don't use it
anymore. Once we encrypted all of our laptops and got their keys in the
JSS, we turned this policy off. Now, we encrypt all new/refresh laptops
before deploying them. I checked ...
In our environment, we have a Smart Computer Group that detects if a
laptop is encrypted but not encrypted by Casper. Here is the criteria:
FileVault 2 Partition Encryption State is Encryptedand ( FileVault 2
Individual Key Validation is Unknownor Fi...