- The device currently belongs to a profile in Fleetsmith that is managing FileVault
You can re-escrow a Recovery Key into Fleetsmith with the steps below. Please note, the command in Step 2 must be run on the device (the command cannot be deployed via MDM) by a user with admin permission.
- Open the terminal on the device.
- Paste the following:
sudo /usr/bin/fdesetup changerecovery -personal -outputplist | sudo tee /opt/fleetsmith/data/fvrk.plist
- When prompted, enter the local password to execute the command (the password will not be visible).
- When prompted again, enter the username and then the password a second time. After approximately 10 minutes, the device will have a new recovery key which will be escrowed in Fleetsmith.