This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello!
I'm trying to silently encrypt devices via Intune Device Configuration profile.
The endpoints are on-prem domain-joined + azureAD-registered Windows 10 machines (10.0.19042)
The error I'm getting is Client-driven recovery password rotation Fails with -2016281112 (Remediation failed) error code 0x87d1fde8
Event log on the endpoint shows that configure recovery password rotation URI request is not supported:
The Device configuration profile settings are:
Could you please help figure out how this can be fixed?
Has this been fixed yet?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 74%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM3%3C/text%3E%3C/svg%3E)
We had the same issue. Turned out that the device had no Secure boot enabled in de BIOS. After turning it on. The error disappeared in intune. Hope this helps?
Also check the TMP just to make sure?
Update the device(s) with the latest firmware.