Bitlocker issue

Question

Bitlocker showing some machines as not encrypted in intunes, but when checking the respective machine bitlocker is indeed encrypted

Answer 1

@Julian Portelli, Thanks for porting in Q&A. From your description, I know the device is encrypted. But it shows not encrypted in Intune portal. Please check what is the status of the BitLocker policy we assigned to the device. If it shows error. it usually occurs when the device has been encrypted by another means (possibly manually). The settings match the current policy, but Intune has not initiated the encryption.

https://learn.microsoft.com/en-us/troubleshoot/mem/intune/device-protection/troubleshoot-bitlocker-admin-center#scenario-6--the-device-is-encrypted-but-the-profile-state-is-in-error

In the encryption report, please also check the encrypted readiness status. If a Windows 10 device displays a Not ready status, it might still support encryption. For a Ready status, the Windows 10 device must have TPM activated. TPM devices aren't required to support encryption but are highly recommended for increased security.

Meanwhile, please also check the event view logs under the following locations to see if any error related.

Applications and Service Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Admin

Applications and Services log -> Windows -> BitLocker API

In addition, run the following command in command prompt to get more information of the status. manage-bde -status

Please check the above information and if there's any update, feel free to let us know.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.