21.1 C
Monday, March 4, 2024

Disk Encryption BitLocker Policy in MEM Endpoint Security

M365 Disk Encryption Profile to deploy bitlocker using Microsoft Endpoint Manager for your laptops and desktops , Microsoft Made it seamless to deploy them .

Encrypt Windows devices with BitLocker in Intune – Microsoft Intune | Microsoft Docs

Known Errors –
Start – Eventvwr – Application and Service Logs – Microsoft – Windows – Bitlocker-API – Management

It Failed to enable Silent Encryption.

Error: Group policy prevents you from backing up your recovery password to Active Directory for this drive type. For more info, contact your system administrator.

Solution – Policy Misconfigured – Require device to backup recovery information to Azure AD is not Configured – It should be configured to resolve it.

Error: BitLocker cannot use Secure Boot for integrity because it is disabled.

manage-bde -protectors -get c:

This shows that PCR 7 is NOT in use / Even though the secure boot is enabled.

Solution –

manage-bde -protectors c: -delete -t tpm
manage-bde -protectors c: -add -tpm

Error 1: BitLocker could not be enabled

The Bitlocker encryption key cannot be obtained. Verify that the Trusted Platform Module (TPM) is enabled and ownership has been taken.if this computer does not have TPM, verify that the USB drive is inserted and available.

C: was not encrypted

Error 2: BitLocker cannot use Secure Boot for integrity because the UEFI variable ‘SecureBoot’ could not be read.

Solution for #1 and #2: Clear the TPM using TPM.msc

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

Related Articles


Please enter your comment!
Please enter your name here

× How can I help you?