[Emma Hexnode 23 December 2021 Emma Moderator]

@gnishilda  We appreciate you reaching out to us!

Unfortunately, the escrowed personal recovery keys in Jamf cannot be migrated to the Hexnode UEM console. However, since the devices are already encrypted, you can set up a new FileVault personal recovery key after enrolling the devices in Hexnode UEM.

Here’s how you can go about it:

1. After enrolling the device in Hexnode UEM, run the command sudo fdesetup changerecovery –personal in the device Terminal to generate a new recovery key.
2. Next, open the Hexnode MDM agent app on the Mac and click on the Sync button.
3. Now log in to the Hexnode portal.
4. Navigate to the Manage tab. Select your devices and execute the Scan Device action.
5. Go to Device Summary > Device Info > Security Info > FileVault Recovery Key.
6. Here you may select the option ‘Decrypt FileVault Recovery Key’ and choose the method of encryption used. Click on Decrypt.

Finally, the new FileVault recovery key will be displayed under Security Info > FileVault Recovery Key.

Please refer to FileVault decryption on an already encrypted Mac for further details.

Hope this solves your query. Do reach out if you have any further queries.

Cheers!
Emma Jones
Hexnode UEM