Hello
It appears you are binding the Mac in a Zoned mode, rather than in Autozone? If so, you will want to make sure the User is able to log in to the Mac in Access Manager first.
Also, I noticed that you mention PIV... is this User a Smartcard-enforced User? At this time, OS X does not support FileVault 2 unlock using Smartcards. More info here. You will need to use a User that has a username and password in order to unlock the system. This can be either a local User or a network User (assuming you have added them to allow login on this Mac).
I hope this helps! If not, can you provide a few more details about your org?
Have a great day!!
Ryan V