Updated 12/19/19 - This is now resolved! We’ve noticed an issue with a setting when configuring FileVault settings for macOS devices within Device Configuration. This may cause FileVault profiles ...
Updated Dec 19, 2019
Version 2.0
Blog Post
1 MIN READ
Resolved: Known issue for FileVault configuration profiles on macOS devices
Thanks. I was having this problem and it is solved with the bypass setting.
Another issue is, as I commented on the other blog post, that when enabling FileVault the recovery key is shown to the user and they are instructed to "keep it in a safe place." I do not want the user to store the recovery key anywhere, especially given some users will store it with the laptop. If the key is needed it should be retrieved from Intune.
My ask is that the ShowRecoveryKey FileVault2 payload option be made available in the Intune FileVault configuration profile so that it can be set to False, so that the recovery key will not be displayed to the user.
Here is the relevant part from Apple's https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf:
ShowRecoveryKey: Set to false to not display the personal recovery key to the user after FileVault is enabled. Defaults to true.