An Azure service for virtual machines (VMs) that helps address organizational security and compliance requirements by encrypting the VM boot and data disks with keys and policies that are controlled in Azure Key Vault.
Hello Omkar Urankar,
Thank you for posting your query here!
The error you're encountering with Azure Disk Encryption seems to be related to the VM extension provisioning. This issue might be due to several factors, such as Key Vault access policies not being set correctly, custom group policy settings for BitLocker being incompatible, or issues with the VM's ability to establish outbound connections to Azure storage.
Here are some steps you can take to troubleshoot the issue:
· Please ensure that "Enable access to Azure Resource Manager for Template Deployment" is checked in your Key Vault access policies. https://stackoverflow.microsoft.com/questions/205616
· Confirm that the VM has a running VM agent and that it can establish outbound connections to Azure storage. If the VM agent or extensions are not reporting status, this could lead to provisioning errors. https://learn.microsoft.com/en-us/answers/questions/884131/encrypt-azure-disks-failed-with-error-code-2147942
· Also, confirm that the VM has a running VM agent and that it can establish outbound connections to Azure storage.
Additional points to check:
· Ensure that the disks attached to your VM are properly configured and meet the requirements for encryption. For example, if you're encrypting the OS disk, make sure it's a managed disk.
· Verify that the Azure Key Vault you specified for storing encryption keys has the necessary permissions for the VM to access it.
Do let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you; this can be beneficial to other community members.
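The checks listed in the answer above can be run as a preflight over exported resource JSON. This is an added example, not part of the original answer or any Microsoft tooling. It assumes input shaped like the output of `az keyvault show` and `az vm get-instance-view`; the function name `preflight` and all sample values are hypothetical, and outbound connectivity to Azure storage is not covered because it cannot be read from these documents.

```python
# Constructed sample data, shaped like the JSON from `az keyvault show` and
# `az vm get-instance-view` (assumed shape; every name and value is made up).
BAD_VAULT = {"name": "kv-example", "properties": {
    "enabledForTemplateDeployment": False, "enabledForDiskEncryption": True}}
BAD_VM = {
    "name": "vm-example",
    "storageProfile": {"osDisk": {"vhd": {"uri": "https://example.invalid/os.vhd"}}},
    "instanceView": {
        "vmAgent": {"statuses": [{"displayStatus": "Not Ready", "level": "Warning"}]},
        "extensions": [{"name": "ExampleExtension", "statuses": []}],
    },
}


def preflight(vault, vm):
    """Return findings for the checks in the answer; an empty list means none failed."""
    findings = []
    props = vault.get("properties") or {}
    # "Enable access to Azure Resource Manager for template deployment"
    if not props.get("enabledForTemplateDeployment"):
        findings.append("vault: template deployment access is off")
    # The vault must also allow Azure Disk Encryption to use its keys and secrets.
    if not props.get("enabledForDiskEncryption"):
        findings.append("vault: disk encryption access is off")
    view = vm.get("instanceView") or {}
    agent_statuses = (view.get("vmAgent") or {}).get("statuses") or []
    if not any(s.get("displayStatus") == "Ready" for s in agent_statuses):
        findings.append("vm: agent is not reporting Ready")
    # Extensions that report nothing, or report an error, point at provisioning trouble.
    for ext in view.get("extensions") or []:
        statuses = ext.get("statuses") or []
        if not statuses or any(s.get("level") == "Error" for s in statuses):
            findings.append("vm: extension %s has no status or an error" % ext.get("name"))
    # A managed OS disk carries a managedDisk reference; an unmanaged one has only a vhd URI.
    os_disk = (vm.get("storageProfile") or {}).get("osDisk") or {}
    if not os_disk.get("managedDisk"):
        findings.append("vm: OS disk is not a managed disk")
    return findings


if __name__ == "__main__":
    for finding in preflight(BAD_VAULT, BAD_VM):
        print(finding)
```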