This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 61%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Hi, does anyone know how to prevent auto device encryption via Intune?
This link shows how to do it via a registry key, but we want to disable it during Autopilot provisionning during our tests.
Thank you in advance and don't hesitate if you have any questions.
The only option you can find related to Bitlocker is "Require" or "Not configured".
You need to create a custom OMA-URI policy to enable the setting "Security/PreventAutomaticDeviceEncryptionForAzureADJoinedDevices" in Policy CSP.
Here are some posts with the similar issue with yours, just for your reference, you can try the method mentioned by Mark_Thomas:
https://social.msdn.microsoft.com/Forums/en-US/d9ff2e01-5e36-4aa2-8a92-31094502e1da/can-we-disable-automatic-bitlocker-encryption-on-azure-ad-join?forum=WindowsAzureAD
Hope above information can help you.
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.