BitLocker with MDM policy does not work

Alejandro Hernández Gil 101 Reputation points
2022-03-24T15:03:05.213+00:00

Hi, I have configured a policy in endpoint.microsoft.com to enable BitLocker.

I have 2 computers to test. One computer works, but on the other I have these events and I can't find information about them.

The events are:

Event ID: 2900
CSP de BitLocker: GetDeviceEncryptionComplianceStatus indica OSV no es compatible con el estado devuelto 0x2

Event ID: 404
Administrador de configuración de MDM: estado de error de comando. Id. del origen de configuración: (5EAD92DD-FFC4-44B7-B84B-480AC6373FC9), nombre de inscripción: (MDMDeviceWithAAD), nombre de proveedor: (BitLocker), tipo de comando: (SetValue: from Replace), URI de CSP: (./Device/Vendor/MSFT/BitLocker/RequireDeviceEncryption), resultado: (El dispositivo no está listo.).

Any idea? Is the second computer broken, or is it a hardware failure?

Accepted answer
  1. Crystal-MSFT 44,831 Reputation points Microsoft Vendor
    2022-03-25T01:46:26.537+00:00

    @Alejandro Hernández Gil . Thanks for posting in Q&A.

    For the event 2900, it indicates a warning when the MDM client tries to assess the compliance state of the PC. In our situation, BitLocker CSP is checking the compliance status on a Cloud PC, and obviously the device is not BitLocker enabled.

    For event 404, it shows the device is not ready. This CSP is not supported on Home edition. Please ensure the Windows 10 is supported.
    https://learn.microsoft.com/en-us/windows/client-management/mdm/bitlocker-csp

    After that, we can check the "device status" of the policy which enables BitLocker to see if it is applied successfully. If yes, try to restart the device to see if it works.

    Meanwhile, here is a link with the troubleshooting steps. You can also read it as a reference:
    https://learn.microsoft.com/en-us/troubleshoot/mem/intune/troubleshoot-bitlocker-policies

    Hope it can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
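
The checks raised in this thread (Windows edition, TPM state, OS volume encryption status, and events 2900 and 404) collected into one PowerShell script. This is an added example, not code from any poster or from Microsoft; the two event log channel names are assumptions, since the thread does not say which logs the events were read from.

```powershell
#Requires -RunAsAdministrator
# Added example: local triage for the BitLocker MDM errors discussed in this thread.

# 1. Edition and release. Home SKUs report an EditionID beginning with "Core".
$cv     = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$isHome = $cv.EditionID -like 'Core*'

# 2. TPM state (the poster checked this interactively with tpm.msc).
$tpm = Get-Tpm

# 3. Encryption state of the OS volume.
$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue

[pscustomobject]@{
    EditionID     = $cv.EditionID
    Release       = $cv.DisplayVersion
    HomeEdition   = $isHome
    TpmPresent    = $tpm.TpmPresent
    TpmReady      = $tpm.TpmReady
    VolumeStatus  = $vol.VolumeStatus
    Protection    = $vol.ProtectionStatus
    KeyProtectors = $vol.KeyProtector.KeyProtectorType -join ', '
} | Format-List

# 4. Recent occurrences of the two event IDs from the question.
#    Channel names are assumptions; the thread does not name the logs.
#    Event 404 is generic to all CSPs, so only entries mentioning BitLocker are kept.
$channels = @{
    'Microsoft-Windows-BitLocker/BitLocker Management'                         = 2900
    'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin' = 404
}
$events = foreach ($name in $channels.Keys) {
    $filter = @{ LogName = $name; Id = $channels[$name] }
    Get-WinEvent -FilterHashtable $filter -MaxEvents 20 -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like '*BitLocker*' }
}
$events | Sort-Object TimeCreated -Descending |
    Format-List TimeCreated, Id, LogName, Message
```

Running it on both test computers and comparing the output side by side shows which prerequisite differs on the failing device.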

3 additional answers

Sort by: Most helpful
  1. christophe ghesquiere 1 Reputation point
    2022-03-24T21:15:40.753+00:00

    Hello,
    What is the Windows 10 version?
    Do you log in as administrator or not?
    Do you have TPM?

    Check prerequisites:
    https://learn.microsoft.com/en-us/mem/intune/protect/encrypt-devices#device-prerequisites

    Thanks
    Chris

    0 comments No comments

  2. Alejandro Hernández Gil 101 Reputation points
    2022-03-24T21:18:31.79+00:00

    Hi Cristopher,
    Windows 10 21H2, yes my user is administrator, yes TPM is 2.0 and is enabled.

    If I run tpm.msc the device is ready to use.

    0 comments No comments

  3. Pavel yannara Mirochnitchenko 12,371 Reputation points MVP
    2022-04-01T09:49:21.223+00:00

    Did you enable BitLocker from the Endpoint Security / Disk Encryption node? You should always use it.

    0 comments No comments