Share via

enable bitlocker with pin

W Raspe 21 Reputation points
2022-12-27T10:35:41.667+00:00

Hi Team,

I want to configure Bitlocker encryption with Pin automatically on devices.

I have configured/enabled a few GPO like below:

  • Choose drive encryption method and cipher strength (W10 1511 and later, with XTS-AES 256 bit and AES-CBC 256 bit
  • enabled Store Bitlocker recovery information in active directory domain services
  • enabled choose how bitlocker-protected os drives can be recoverd
  • configure minimum PIN length for startup 6
  • Configure TPM platform validation profile for BIOS-based firmware
  • Configure TPM platform validation profile for UEFI firmware
  • Enforce drive encryption type on os drives
  • Require additional authentication at startup

When I wanted to test the function within powershell it gave me the next error:
274247-errorbit.png

Is there a way to configure bitlocker automatically with PIN? no integration with MDT or SCCM. Just by GPO and powershell

Windows for business | Windows Client for IT Pros | Devices and deployment | Set up, install, or upgrade
Windows for business | Windows Client for IT Pros | Devices and deployment | Configure application groups
Windows for business | Windows Server | User experience | PowerShell
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. S.Sengupta 27,591 Reputation points MVP
    2022-12-29T02:27:07.197+00:00
    0 comments
  2. W Raspe 21 Reputation points
    2023-01-06T22:37:35.737+00:00

    Got it working with powershell script with enable-bitlocker

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.