Forum Discussion
BitLocker encryption not working on newly created Autopilot device
Hi Community
I am currently setting up Autopilot and want to enable BitLocker security at the point when the device is built or as a last resort could do post build.
Unfortunately I am unable to get my device to enable BitLocker for a start.
The device is co-managed and I have created a policy in Intune.
When the device is built from an Autopilot reset, it doesn't seem to be enforcing BitLocker.
I also get an error in Intune device profile settings targeted for the device.
-2016281112 (Remediation failed) |
The error code is 0x87d1fde8.
I include a screenshot of the settings defined in Intune. Ideally I want to set 256 bit encryption with a start-up PIN and the PIN stored in Azure AD.
Any advice on what I am doing wrong would be greatly appreciated.
On a side note, Should I be attaching this policy through endpoint security now going forward? I hear the older methods will become deprecated in the future.
Many Thanks for members support.
- Moe_KinaniBronze ContributorI have been using Silent Bitlocker which always works as expected, it could be something like BIOS needed to be up to date. Check this one out-
https://www.inthecloud247.com/windows-10-failed-to-enable-silent-encryption/ - alexandertuvstromBrass Contributor
Can you take a look at the BitLocker event logs? Can you try to change your settings to: