homebysix / jss-filevault-reissue

A framework for re-escrowing missing or invalid FileVault keys with Jamf Pro.
Apache License 2.0
186 stars 56 forks

Without user consent the key should be reissued #34

Closed mani2care closed 3 years ago

mani2care commented 3 years ago

As the device is managed by JAMF, may I correct, and it's approved also. Again and again, why are we keeping on asking the user to enter the password?

Here I would like to auto-process without the user password; can it trigger the new key? Is that possible?

homebysix commented 3 years ago

Generation of a new FileVault key requires an account with FileVault authorization. If you already have such an account, you can use `fdesetup changerecovery -personal` to generate the key with that account's credentials, rather than prompting the logged-in user. Refer to the section called "Managing Individual And Institutional Recovery Keys" on Rich Trouton's post "Managing macOS Mojave’s FileVault 2 with fdesetup" for details.

(Careful: if you choose to automate this process using a shared "local admin" password via Jamf, your password may need to be stored somewhere that would put it at risk of being seen by other Jamf admins, like in the script parameters.)
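
An added example (not part of the thread or the project's own code) of the approach in the reply above: it feeds an authorized account's credentials to `fdesetup changerecovery -personal` through `-inputplist`, reading the password from stdin so it never sits in Jamf script parameters. The function names, the secret file path, and the assumption that key escrow to Jamf Pro is already configured are illustrative.

```shell
#!/bin/sh
# Added example: reissue a personal recovery key with an authorized account,
# taking the password from stdin so it never appears in Jamf script parameters
# or in the process list. Function names here are illustrative.

# Escape the characters that would break a plist <string> element.
xml_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g'
}

# Print the plist that `fdesetup -inputplist` reads on stdin.
# The body runs in a subshell so the credentials do not linger in shell variables.
build_fv_plist() (
    user=$(xml_escape "$1")
    pass=$(xml_escape "$2")
    cat <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Username</key>
    <string>${user}</string>
    <key>Password</key>
    <string>${pass}</string>
</dict>
</plist>
EOF
)

# Usage (as root): reissue_key <fv_authorized_user> < /path/to/root-only-secret
# The secret path is a placeholder; the file should be mode 0600, owned by root.
reissue_key() (
    fv_user=$1
    IFS= read -r fv_pass || true          # tolerate a missing trailing newline
    [ -n "$fv_user" ] && [ -n "$fv_pass" ] || { echo "user and password required" >&2; exit 2; }
    command -v fdesetup >/dev/null 2>&1 || { echo "fdesetup not found (macOS only)" >&2; exit 3; }
    # fdesetup prints the new key on stdout; discard it so it stays out of
    # policy logs (assumes escrow to Jamf Pro is already configured).
    build_fv_plist "$fv_user" "$fv_pass" | fdesetup changerecovery -personal -inputplist >/dev/null
)
```

The XML escaping matters because a password containing `&` or `<` would otherwise produce a malformed plist and the key change would fail.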