Auto encryption of Bitlocker not working

Arun Kumar Singh 1 Reputation point
2021-02-09T10:29:11.617+00:00

We are suddenly getting issues where bitlocker policies are getting applied on computers but it does not encrypt it automatically.
We checked and can see it has latest version of Windows installed 1909 and also latest MDOP MBAM application is installed.
All policies are also applied correctly as it is working properly on test machines.
In Event Viewer we get message to upgrade BIOS of system but after upgrading BIOS also it is not auto encyrpting.
Below is the event, please suggest solution :

Log Name: Microsoft-Windows-MBAM/Admin
Source: Microsoft-Windows-MBAM
Date: 2021/2/9 15:19:09
Event ID: 2
Task Category: VolumeEnactmentFailed
Level: Error
Keywords:
User: SYSTEM
Computer: ABC
Description:
An error occurred while applying MBAM policies.
Volume ID:\?\Volume{d3c8a909-0000-0000-0000-100000000000}\

Error code:
-2144272312

Details:
BitLocker Drive Encryption cannot be enabled on the operating system drive. Contact the computer manufacturer for BIOS upgrade instructions.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-MBAM" Guid="{}" />
<EventID>2</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>65532</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2021-02-09T07:19:09.263620900Z" />
<EventRecordID>1747</EventRecordID>
<Correlation />
<Execution ProcessID="12876" ThreadID="14572" />
<Channel>Microsoft-Windows-MBAM/Admin</Channel>
<Computer>ABC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="VolumeId">\?\Volume{d3c8a909-0000-0000-0000-100000000000}\</Data>
<Data Name="ErrorCode">-2144272312</Data>
<Data Name="ErrorString">BitLocker Drive Encryption cannot be enabled on the operating system drive. Contact the computer manufacturer for BIOS upgrade instructions.
</Data>
</EventData>
</Event>

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,781 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Dale Kudusi 3,226 Reputation points
    2021-02-10T02:13:34.233+00:00

    Hi,
    Please Verify that the BIOS Mode setting is UEFI and not Legacy.
    Kindly refer to this doc:
    Event ID 851: Contact the manufacturer for BIOS upgrade instructions

    Best regards.

    **
    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.