Audit Log for macOS Recovery PIN
When using the "Remote Lock" feature in Intune for macOS devices, the firmware recovery PIN that is shown in the portal doesn't always show unless you initiate a sync (even if the device is offline). If an admin then sends another device command, that recovery PIN is lost permanently and not even the support team or engineers can retrieve that PIN (I have a "bricked" MBP to prove it).
Therefore, it would be helpful if that recovery PIN could at the very least be logged and accessible to MS Support or (preferably) accessible to Intune administrators so that they can retrieve the PIN at any time. This ensures that access to the recovery PIN doesn't depend on whether or not a command has been issued to the computer since the remote lock.
Jonathan Vassar commented
Just did this to myself yesterday with my Intune test Mac. Didn't even see the recovery PIN, now I have a brick. Why this isn't stored in Intune with the device is beyond me. Even with BitLocker you can get the recovery passcode; why is this different?