PreventDeviceEncryption
Applies To: Windows Server 2012
PreventDeviceEncryption prevents encrypting the operating system drive and any fixed data drive using Windows BitLocker Drive Encryption. Device encryption is a feature available on Windows 8.1 PCs that supports InstantGo. When a user boots the PC for the first time and goes through the out-of-the-box experience, device encryption, on initialization, will automatically encrypt the operating system drive and any fixed data drive using BitLocker.
Use this setting to prevent device encryption from automatically encrypting the operating system drive and any fixed data drive using BitLocker.
Note
These settings only apply to Windows 8.
Values
false |
Automatically encrypt the operating system drive and any fixed data drive using BitLocker. This is the default value. |
true |
Do not automatically encrypt the operating system and any fixed data drive using BitLocker. |
Valid Configuration Passes
offlineServicing
specialize
auditSystem
oobeSystem
Parent Hierarchy
Microsoft-Windows-SecureStartup-FilterDriver | PreventDeviceEncryption
Applies To
For a list of the Windows editions and architectures that this component supports, see Microsoft-Windows-SecureStartup-FilterDriver.
XML Example
The following example configures Windows 8.1 to not automatically encrypt the operating system drive and any fixed data drive using BitLocker when the PC first boots.
<component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<PreventDeviceEncryption>true</PreventDeviceEncryption>
</component