Hello all,
In our institution, all staff users have managed computers using standard accounts. Computers have filevault enabled and PRK's are escrowed into JAMFcloud under the disk encryption pane.
I've seen it happen a couple of times - occasionally we have users that go to boot their device up and log in, but after entering their password, they are fed into device recovery with a request for a password. Entering their password can't unlock the disk/proceed and only a PRK can allow you to go further.
With the PRK entered, users can attempt to change their password, but it doesn't make a difference. On restarting device, they still can't log into the computer and are again fed back into device recovery.
The quickest routine is to flatten the device and re-install macOS as troubleshooting with staff present often leads nowhere. As we're not using 'Erase all contents and settings', reinstallation takes over an hour, and then have to re-enroll and resetup the computer.
Has anyone seen occasional FV bugs, and are there work arounds that don't require flattening the computer?
Staff members don't claim to be misbehaving with the device and I do believe them.
Thanks all!
