We have a local admin account that we want to be enabled for FileVault. We need to be able to rotate this password, but have found that when changing the password through Jamf, it does not update the filevault password.
Would a viable solution be to delete the entire in its' entirety, then re-create the account in jamf (set password and enable filevault2)? Is there a better way to do this? There's nothing stored in this account. It's just a way for our help desk members to gain local admin access into these machines.
Note: We are aware of the management account playing better with password resets using jamf, but we prefer to keep two separate local admins due to the fact that some admin users remove the local admin account. If we enable our management account for fv2, users will be more aware of this account and may increase the likelihood of someone removing the management account.
