![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 38%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
5,569 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
@Matthew Hedrick,Thanks for posting in Q&A.
From your description, I know that you are confused on silent BitLocker policy settings and want to figure out.
Based on my research, if you want to silently enable BitLocker via Intune, there are two methods you can configure it and settings you can refer.
1.Endpoint security Disk encryption policy
- Require Device Encryption = Enabled
- Allow Warning For Other Disk Encryption = Disabled
2.Device configuration Endpoint protection policy
- Warning for other disk encryption = Block.
- Allow standard users to enable encryption during Microsoft Entra join = Allow
- User creation of recovery key = Allow or Do not allow 256-bit recovery key
- User creation of recovery password = Allow or Require 48-digit recovery password
Hope this can be helpful. If there is any update, feel free to contact me.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.