How to approach implementing Escrow Buddy with pre-existing FileVault2 enforcement profile in Jamf Pro

Question

How to approach implementing Escrow Buddy with pre-existing FileVault2 enforcement profile in Jamf Pro

Closed this issue 9 months ago · 2 comments

Our Jamf Pro instance has already rolled out FV2 encryption enablement/enforcement configuration profiles and is set to escrow the PRK to Jamf Pro. How do I approach using Escrow Buddy to force encrypted endpoints with an invalid/unknown individual recovery key validation to escrow a new PRK? These endpoints with invalid/unknown recovery keys already have the existing FV2 config profile, and I'm worried that scoping an additional FV2 profile with the same settings will cause more issues.

Answer 1 · 2024-01-31T21:53:47.000Z

Hi @jybarbo79 - No need to scope an additional profile; just make sure your existing profile is scoped to all Macs. Then you can proceed with steps 2 and 3 of the deployment instructions.

Answer 2 · 2024-01-31T22:01:17.000Z

Perfect! Thanks for the quick reply!