Blog Post

Intune Customer Success
5 MIN READ

Enabling BitLocker with Microsoft Endpoint Manager - Microsoft Intune

Intune_Support_Team's avatar
Intune_Support_Team
Silver Contributor
Feb 19, 2021
By Luke Ramsdale – Service Engineer | Microsoft Endpoint Manager – Intune   This is the first in a five-part series about using BitLocker with Intune. The series will review basic concepts and re...
Updated Dec 19, 2023
Version 10.0
BitLocker
BitLocker Series
support tip
Luker1's avatar
Luker1
Icon for Microsoft rankMicrosoft
Feb 24, 2021

HeyHey16K  We are planning to cover this in the 4th blog in the series in detail, are the affected Hybrid devices enrolled via Autopilot and do you enable BitLocker during autopilot? There is a scenario where the device is not present in AAD (i.e. has not synced via AD connect yet) but is in AD that the key will only be backed up there when encryption is enabled during Autopilot, if this is the case you should see an error in the BitLocker-API event logs during that timeframe. You can try rotating the keys from the console to recreate the key and add it into AAD.

 

If this happening for existing HAADJ machines that have a BitLocker policy deployed after they have been deployed then investigating the BitLocker-API event log would be required to understand why the key has not been stored in AAD.