Forum Discussion

Josch24's avatar
Josch24
Copper Contributor
Mar 22, 2021

Device Configuration Policy showing false information

Hi,

 

I noticed every client applied successfully our device policy and shows "Encrypt devices" as "Succeeded" but when I take a closer look at some clients I found out that many of them are not encrypted at all. Those clients also don't have a decrypt key in Azure. If I trigger Bitlocker manually on those clients the key is sent to Azure as configured. Anyone with similar issues?

 

Thanks,

Josch

 

 

  • Moe_Kinani's avatar
    Moe_Kinani
    Bronze Contributor
    Hi Josch,

    Can you please check the event log and what error do you see? It should be under Microsoft/ Windows/ Bitlocker/API-Management.

    I suspect the issue is either Outdated BIOS, TPM firmware or Secure Boot is not on. I highly recommend check those three settings to start.

    Moe

Resources