I had some other problems in Intune with BitLocker and came to the resolution that you should use the new Endpoint Security to configure all BitLocker-related stuff. Basically, my old Configuration Profile stopped working.
Silently Enable BitLocker with AutoPilot
Hi All,
I have tested the BitLocker configuration profile with Autopilot and it seems successful, but it says "Used Space Only" when I checked the status (refer to image1). However, when I deployed the same policy to a device already enrolled, it fully encrypted the disks (refer to image2).
At the same time, I saw "Silent enablement of BitLocker will encrypt used disk space only." in the Microsoft article below, but I was again in doubt, since it works without any issue for the already enrolled device as per image2.
https://learn.microsoft.com/en-us/mem/intune/protect/encrypt-devices
So I was wondering whether there is anything missing in my configuration.
Image1
Image2
Thanks,
Dilan
2 answers
Pavel yannara Mirochnitchenko 11,716 Reputation points MVP
2021-09-29T20:25:37.173+00:00 -
Crystal-MSFT 43,381 Reputation points Microsoft Vendor
2021-09-30T06:02:04.917+00:00
@Dilan Nanayakkara, from your description, I know that silently enabling BitLocker with Autopilot has failed. If there's any misunderstanding, please let us know.
As far as I know, to enable BitLocker silently during Autopilot, we need to make sure the ESP is enabled. When it is enabled, the Device Encryption feature will wait until Intune policy assignment happens, and then BitLocker can be turned on and the applicable settings can be used. We can follow the steps in the following link to configure it and see if it is working:
https://learn.microsoft.com/en-us/mem/autopilot/bitlocker
Hope it can help.
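To confirm on a device which encryption mode was applied (the difference the question describes between image1 and image2), the conversion status can be read from `manage-bde -status`. The PowerShell below is an added example, not part of the original thread; the function name `ConvertFrom-ManageBdeStatus` and the sample output are constructed for illustration, and the parser assumes English-locale output.

```powershell
# Added example: turn `manage-bde -status` text into one object per volume.
function ConvertFrom-ManageBdeStatus {
    param([Parameter(Mandatory)][string[]]$Lines)

    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^Volume\s+(\S+)') {
            # A "Volume X: [label]" header starts a new record; emit the previous one.
            if ($current) { [pscustomobject]$current }
            $current = [ordered]@{ Volume = $Matches[1] }
        }
        elseif ($current -and $line -match '^\s+(Conversion Status|Percentage Encrypted|Encryption Method|Protection Status):\s+(.+?)\s*$') {
            # Store the field under its name without spaces, e.g. ConversionStatus.
            $current[($Matches[1] -replace ' ', '')] = $Matches[2]
        }
    }
    if ($current) { [pscustomobject]$current }
}

# Constructed sample output (not captured from a real device).
$sample = @'
Volume C: [Windows]
[OS Volume]

    Size:                 237.40 GB
    Conversion Status:    Used Space Only Encrypted
    Percentage Encrypted: 100.0%
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection On

Volume D: [Data]
[Data Volume]

    Size:                 465.00 GB
    Conversion Status:    Fully Encrypted
    Percentage Encrypted: 100.0%
    Encryption Method:    XTS-AES 256
    Protection Status:    Protection On
'@ -split "`r?`n"

# Flag volumes where only used space was encrypted.
ConvertFrom-ManageBdeStatus -Lines $sample |
    Select-Object Volume, ConversionStatus, EncryptionMethod, ProtectionStatus,
        @{ Name = 'UsedSpaceOnly'; Expression = { $_.ConversionStatus -like 'Used Space Only*' } } |
    Format-Table -AutoSize

# On a live device (elevated prompt), parse the real output instead:
# ConvertFrom-ManageBdeStatus -Lines (manage-bde -status)
```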