Forum Discussion
Solved
Bitlocker encryption
Hi, We have enabled Bitlocker using Intune and used AES 256bit XTS. But when we run manage-bde -status it says the encryption method is XTS-AES 128. Any suggestions on this? Is it a potential Bu...
- Ok, but if you want the intune clients to also have 256Bit... Then you will have to decrypt them and encrypt them again to fix that
You could use logging to see what's happening :
Start-Transcript c:\Windows\Temp\decrypt.log
$BLV = Get-BitLockerVolume
Disable-BitLocker -MountPoint
Stop-Transcript
Deploy that to a computer and check the log afterwards. You're running it as System and not as the logged in user?
Start-Transcript c:\Windows\Temp\decrypt.log
$BLV = Get-BitLockerVolume
Disable-BitLocker -MountPoint
Stop-Transcript
Deploy that to a computer and check the log afterwards. You're running it as System and not as the logged in user?
Hi Harm, Is there a way that we can check the encryption method on all devices (nearly 300) devices maybe using a PowerShell script?
Thanks
Thanks
- A bit like this I assume.. from there on after you altered it you could change it do "fix"/remediate it
https://call4cloud.nl/2021/05/the-texas-chain-saw-bitlocker-remediations/#part4
