question

MurphyCiaran-2467 asked ·

BitLocker encryption report in Intune

Hello,

Do our on-prem AD-managed Win10 devices need to be hybrid domain joined before we can get the BitLocker encryption report in Intune Endpoint Manager?

From my understanding we need the following, but please correct me if I'm wrong:

  • win 10 hybrid domain joined

  • migrate the management of MBAM to configuration manager

  • enable Microsoft Defender for Endpoint

  • deploy defender ATP

I was hoping to get this capability prior to hybrid domain joining through just ATP telemetry.

All feedback welcomed.

Regards

Ciaran

windows-10-security

@MurphyCiaran-2467
Hi,

Just checking in to see if the information provided was helpful.

If the reply helped you, please remember to accept as answer.
If no, please reply and tell us the current situation in order to provide further help.

0 Votes 0 ·

Hi Jenny,

I suppose the simplest form of my question is: is it possible to add Win 10 machines to Intune that are still managed by our on-prem domain, before they are hybrid or full AAD joined?

If so, is it possible to get BitLocker telemetry from those Win 10 devices?

Regards

Ciaran

0 Votes 0 ·

Hi,

As far as I know, there is currently no way to complete this.
Let's look forward to other replies from forum users.

0 Votes 0 ·
JennyFeng-MSFT answered ·

@MurphyCiaran-2467
Hi,
Intune provides a built-in encryption report that presents details about the encryption status of devices, across all your managed devices. After Intune encrypts a Windows 10 device with BitLocker, you can view and manage BitLocker recovery keys when you view the encryption report.
You could refer to the following official articles as your reference:
https://docs.microsoft.com/en-us/mem/intune/protect/encrypt-devices
https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/managing-bitlocker-with-microsoft-endpoint-manager/ba-p/1582523
Hope the above information can help you.


MurphyCiaran-2467 answered ·

Hi Jenny,

Thanks for your response.

Is there any way I can report on BitLocker encryption status using ATP security center (without 'managing' BitLocker with Endpoint Manager)? So, for devices using MBAM.

I found an article from 2018 that illustrates it is/was possible to report on BitLocker encryption status, but I cannot find any BitLocker analytics in our ATP security center portal.

Regards

Ciaran




I should also add that our Win 10 devices are still managed by our on-prem AD and are not hybrid domain joined yet.

0 Votes 0 ·

Hi,
Yes, I also saw that article, but I didn’t find other valid information about BitLocker encryption status.
There seems to be no way to achieve this.

0 Votes 0 ·