2 weeks ago
We're doing some testing in our QA environment and configured all our Config Profiles to match what is in Prod. We've enrolled 4 Mac's and they show Invalid and the Recovery key is super long. I did try the github reissue filevault key, also escrowbuddy and ran the files and processes command, but neither work. When I run the reissue command and type in password and it's successful and I run a jamf recon, the recovery key validation changes to Valid, but the recovery key is still wrong and when you refresh it, it goes back to Invalid.
Solved! Go to Solution.
2 weeks ago - last edited 2 weeks ago
Ive seen this when the certificate created automatically when you create the Filevault config profile has issues. My fix was to bin the config profile and let the system create a new cert, then use FV Buddy to re-issue key.
Since we had FV Buddy setup things are a lot better with the invalid and unknown keys.
2 weeks ago
That a know issue. Then you filevault before enroll. Or server dont respont
I use ecrow buddy from Netflix to fix that
2 weeks ago - last edited 2 weeks ago
Ive seen this when the certificate created automatically when you create the Filevault config profile has issues. My fix was to bin the config profile and let the system create a new cert, then use FV Buddy to re-issue key.
Since we had FV Buddy setup things are a lot better with the invalid and unknown keys.
2 weeks ago
During the enrollment after we enter our Azure logon credentials, we get the prompt to enable filevault.
2 weeks ago
Turns out FV was configured in our QA environment using the key that was setup under our Prod site.