Silently Enable BitLocker with AutoPilot

Dilan Nanayakkara 1,111 Reputation points
2021-09-29T07:57:09.223+00:00

Hi All,

I have tested the BitLocker configuration profile with Autopilot and it seems successful, but it says "Used Space Only" when I check the status (refer to image1). However, when I deployed the same policy to a device that was already enrolled, it fully encrypted the disks (refer to image2).

At the same time, I saw "Silent enablement of BitLocker will encrypt used disk space only." in the Microsoft article below, but again I had doubts, since it works without any issue for the already enrolled device, as per image2.

https://learn.microsoft.com/en-us/mem/intune/protect/encrypt-devices

So I was wondering whether I missed anything in my configuration.

Image1
136224-image1.jpg

Image2
136195-image2.jpg

Thanks,
Dilan
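The status check described in the question can be scripted so that "Used Space Only" and "Fully Encrypted" volumes are told apart without reading screenshots. This is an added example, not part of the original post: the function name `ConvertFrom-ManageBdeStatus` is hypothetical, the sample text is constructed, and the parser assumes English-locale `manage-bde -status` output.

```powershell
# Added example: classify BitLocker volumes by conversion status.
# $sample is constructed text shaped like English `manage-bde -status` output.
$sample = @'
Volume C: [Windows]
[OS Volume]

    Size:                 237.00 GB
    BitLocker Version:    2.0
    Conversion Status:    Used Space Only Encrypted
    Percentage Encrypted: 100.0%
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection On

Volume D: [Data]
[Data Volume]

    Size:                 465.00 GB
    BitLocker Version:    2.0
    Conversion Status:    Fully Encrypted
    Percentage Encrypted: 100.0%
    Encryption Method:    XTS-AES 256
    Protection Status:    Protection On
'@

# Hypothetical helper: turns the status text into one object per volume.
function ConvertFrom-ManageBdeStatus {
    param([Parameter(Mandatory)][string]$Text)
    $volume = $null
    foreach ($line in $Text -split "`r?`n") {
        if ($line -match '^Volume\s+(\S+)') {
            if ($volume) { [pscustomobject]$volume }   # emit the previous volume
            $volume = [ordered]@{ Volume = $Matches[1] }
        }
        elseif ($volume -and $line -match '^\s+([^:]+):\s+(.+)$') {
            # Indented "Name: value" lines become properties of the current volume
            $volume[$Matches[1].Trim()] = $Matches[2].Trim()
        }
    }
    if ($volume) { [pscustomobject]$volume }           # emit the last volume
}

# Flag volumes where only used space was encrypted
ConvertFrom-ManageBdeStatus -Text $sample | ForEach-Object {
    $usedOnly = $_.'Conversion Status' -like 'Used Space Only*'
    $_ | Add-Member -NotePropertyName UsedSpaceOnly -NotePropertyValue $usedOnly -PassThru
} | Select-Object Volume, 'Conversion Status', 'Encryption Method', UsedSpaceOnly
```

On a managed device, pass `(manage-bde -status | Out-String)` from an elevated prompt as `-Text` in place of `$sample`.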


2 answers

  1. Pavel yannara Mirochnitchenko 12,411 Reputation points MVP
    2021-09-29T20:25:37.173+00:00

    I had some other problems in Intune with BitLocker and came to the resolution that you should use the new Endpoint Security to configure all BitLocker-related stuff. Basically, my old Configuration Profile stopped working.


  2. Crystal-MSFT 45,896 Reputation points Microsoft Vendor
    2021-09-30T06:02:04.917+00:00

    @Dilan Nanayakkara, from your description, I understand that silently enabling BitLocker with Autopilot failed. If there's any misunderstanding, please let us know.

    As far as I know, to enable BitLocker silently during Autopilot, we need to make sure the ESP is enabled. When it is enabled, the Device Encryption feature will wait until Intune policy assignment happens, and then BitLocker can be turned on and the applicable settings can be used. We can follow the steps in the following link to configure it and see if it works:
    https://learn.microsoft.com/en-us/mem/autopilot/bitlocker

    Hope it can help.


    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.