"Enable Bitlocker" in Task Sequence does not "Wait for Bitlocker to complete... before.. continues..." even if option is selected.

Chaput, Dominique 96 Reputation points
2021-06-02T14:04:23.7+00:00

The "Enable Bitlocker" task has been placed near the end of the Task Sequence, and the option to "Wait for Bitlocker to complete the drive encryption..." has been checked, but despite this we see that the task does not wait for the encryption to be completed before continuing to the next task.

The result is that when the TS is completed, we run a QA script and the script still detects that the disk encryption is not complete.
But the process of encryption is running...

In the SMSTS.LOG we can see the Bitlocker task which runs in less than a few seconds and moves on to the next task.
So it doesn't wait for encryption to finish even if the option has been checked!!

Has anyone ever encountered this?

(SCCM Version 1910)

Microsoft Security | Intune | Configuration Manager | Deployment

Answer accepted by question author
  1. Chaput, Dominique 96 Reputation points
    2021-07-08T11:23:52.243+00:00

    We ended up using the PowerShell command (Get-BitLockerVolume) in the task sequence, and the WMI command (that can run without Admin rights) when the QA is run outside the task sequence.

    Thanks @Colin Ford for your help.
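
A sketch of the kind of `Get-BitLockerVolume` check the accepted answer describes, written as an added example and not taken from any poster's script. The function name `Wait-BitLockerEncryption`, the timeout and the poll interval are hypothetical, and it assumes the step runs elevated (as it does inside a task sequence).

```powershell
# Added example: hypothetical QA gate for a "Run PowerShell Script" step.
function Wait-BitLockerEncryption {
    [CmdletBinding()]
    param(
        [string]$MountPoint     = $env:SystemDrive,  # e.g. 'C:'
        [int]   $TimeoutMinutes = 120,               # assumed limit, tune per hardware
        [int]   $PollSeconds    = 30                 # assumed poll interval
    )

    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    while ($true) {
        # Requires elevation; let a failure here stop the step instead of
        # being mistaken for "not encrypted".
        $vol = Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop

        Write-Verbose ("{0}: VolumeStatus={1} Encrypted={2}% Protection={3}" -f
            $vol.MountPoint, $vol.VolumeStatus, $vol.EncryptionPercentage, $vol.ProtectionStatus)

        switch ([string]$vol.VolumeStatus) {
            'FullyEncrypted' {
                # Encryption finished. Protection must also be On, otherwise the
                # volume key is still stored in the clear on the disk.
                if ([string]$vol.ProtectionStatus -eq 'On') { return $true }
                Write-Warning "$MountPoint is encrypted but protection is $($vol.ProtectionStatus)."
                return $false
            }
            'EncryptionInProgress' { }   # still converting, keep polling
            default {
                # Decrypted, suspended or any other state will not finish by itself.
                Write-Warning "$MountPoint is in state $($vol.VolumeStatus)."
                return $false
            }
        }

        if ((Get-Date) -ge $deadline) {
            Write-Warning "$MountPoint still at $($vol.EncryptionPercentage)% after $TimeoutMinutes minutes."
            return $false
        }
        Start-Sleep -Seconds $PollSeconds
    }
}

# Exit code 0 lets the task sequence continue; 1 fails the step.
if (Wait-BitLockerEncryption -Verbose) { exit 0 } else { exit 1 }
```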


6 additional answers

  1. Colin Ford 1,031 Reputation points
    2021-06-04T23:07:44.827+00:00

    It looks like you run the Enable BitLocker command twice and the first command succeeds.

    1st run

    Encrypting used disk space  OSDBitLocker    2/06/2021 5:17:13 PM    8148 (0x1FD4)
    Process completed with exit code 0  TSManager   2/06/2021 5:20:13 PM    684 (0x02AC)
    

    2nd run

    Volume 'C:' is already protected with BitLocker OSDBitLocker    2/06/2021 5:20:14 PM    8036 (0x1F64)
    Process completed with exit code 0  TSManager   2/06/2021 5:20:14 PM    684 (0x02AC)
    

    The first run is quick, but it can be, especially if you are using BitLocker pre-provisioning. The QA script detection is likely the issue, as you mention. Try using the WMI namespace root\cimv2\Security\MicrosoftVolumeEncryption.

    The ProtectionStatus property of Win32_EncryptableVolume will tell you whether a drive is fully encrypted.


  2. Chaput, Dominique 96 Reputation points
    2021-06-07T12:23:12.943+00:00

    Thank you ColinFord-6663 for the answer.

    We use the WMI namespace you mention, but because the QA also needs to run after the TS (on first open session) we changed it to a command that doesn't need Admin elevation; that's why we use the other command.

    But thank you for your help, I think we have to investigate why it doesn't return the correct value when run in TS, even if encryption is completed.

