Forum Discussion
Intune BitLocker silent encryption not working on Hybrid Azure AD devices.
Hi, as you are mentioning 3 things: HAADJ, BitLocker and Autopilot.
1. What happens when NOT using HAADJ and Autopilot? Does the BitLocker error still occur? (so we can rule out GPOs from your on-premises domain messing things up... For now I will put my money on this issue :P)
2. What happens when you just turn off the BitLocker enrollment in Intune? (also to rule out other BitLocker configurations that could mess things up)
3. Could you show us your BitLocker settings? As mentioned here, when you don't configure the compatible TPM, silent encryption could fail:
https://call4cloud.nl/2021/02/b-for-bitlocker/
Hello Rudy_Ooms_MVP,
Thank you for your reply.
1. I have tried applying BitLocker policies after Autopilot is completed and it worked fine. Recovery keys were backed up to Azure AD as well as AD.
2. When I turn off the BitLocker policies, encryption does not start on the machine.
3. I tried decrypting the drives and syncing the policies again; then it went fine.
4. Please find below the screenshots of the Intune BitLocker settings.
DxR - May 08, 2022 (Iron Contributor)
Hi,
I don't really understand whether at the end of the Autopilot process your drive is encrypted and backed up to AD, or whether encryption starts only when you open a session.
Can you try with these settings:
Compatible TPM startup: Required
Compatible TPM startup PIN: Blocked
https://techcommunity.microsoft.com/t5/intune-customer-success/configuring-bitlocker-encryption-with-endpoint-security/ba-p/2283101
Renald - May 08, 2022
When looking at the screenshots from my iPhone I can't spot any errors... (will take a better look when I am home)
Just wondering, but what happens when using the PowerShell option to deploy BitLocker as I also mentioned in that blog?
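For anyone following this thread, the following PowerShell is an added example of what a scripted deployment along the lines Renald mentions can look like; it is not the script from the call4cloud.nl blog and not the original poster's configuration. It checks the prerequisites that silent encryption depends on (a present and ready TPM, a drive that is not already protected), enables BitLocker with a TPM-only protector and no startup PIN (the settings DxR suggests), adds a recovery password and escrows it to Azure AD, and finally reads the BitLocker Management event log so you can see whether the escrow succeeded. The script layout, the `$MountPoint` parameter and the choice of `XtsAes256` are my assumptions; the cipher should match whatever the Intune policy enforces, otherwise the device will report non-compliant. Run it elevated on the affected HAADJ device (an Intune-deployed script runs as SYSTEM, so `-WhatIf` is only useful for interactive testing).

```powershell
# Added example, not from this thread or the call4cloud.nl blog.
# Check silent-encryption prerequisites, enable BitLocker with a TPM-only
# protector, escrow the recovery password to Azure AD, then show the
# BitLocker Management log entries that confirm (or explain) the result.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$MountPoint = $env:SystemDrive   # assumed parameter; "C:" on a standard build
)

# 1. TPM: "Compatible TPM startup: Required" can only be satisfied by a TPM
#    that is present and ready; otherwise silent encryption cannot proceed.
$tpm = Get-Tpm
if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
    throw "TPM not present/ready (Present=$($tpm.TpmPresent) Ready=$($tpm.TpmReady)); silent encryption cannot proceed."
}

# 2. Current volume state: report what protectors exist so a drive that is
#    encrypted without a TPM protector (the "decrypt and re-sync" case in the
#    thread) is visible before anything is changed.
$vol = Get-BitLockerVolume -MountPoint $MountPoint
Write-Verbose ("{0}: {1}, {2}% encrypted, protectors: {3}" -f $vol.MountPoint, $vol.VolumeStatus,
    $vol.EncryptionPercentage, ($vol.KeyProtector.KeyProtectorType -join ','))

if ($vol.VolumeStatus -eq 'FullyDecrypted') {
    if ($PSCmdlet.ShouldProcess($MountPoint, 'Enable BitLocker with TPM protector')) {
        # TPM-only protector = no startup PIN, which is what keeps the process silent.
        # -SkipHardwareTest avoids the reboot-and-test cycle an unattended enrollment cannot answer.
        # XtsAes256 is assumed here; align it with the encryption method in your Intune policy.
        Enable-BitLocker -MountPoint $MountPoint -TpmProtector -EncryptionMethod XtsAes256 `
            -UsedSpaceOnly -SkipHardwareTest | Out-Null
    }
}

# 3. Recovery password: add one if missing, then escrow every recovery
#    password protector to Azure AD (on a hybrid-joined device this is what
#    makes the key appear in the Azure AD device object).
$vol = Get-BitLockerVolume -MountPoint $MountPoint
$recovery = @($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')
if ($recovery.Count -eq 0) {
    $recovery = @((Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector).KeyProtector |
        Where-Object KeyProtectorType -eq 'RecoveryPassword')
}
foreach ($kp in $recovery) {
    if ($PSCmdlet.ShouldProcess($MountPoint, "Back up recovery password $($kp.KeyProtectorId) to Azure AD")) {
        BackupToAAD-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $kp.KeyProtectorId | Out-Null
    }
}

# 4. Verification: the BitLocker Management log records whether the escrow
#    succeeded or failed; this is where to look when keys land in on-premises
#    AD but never show up in Azure AD.
Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-BitLocker/BitLocker Management'
        StartTime = (Get-Date).AddHours(-1)
    } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message |
    Format-Table -AutoSize -Wrap
```

Running it with `-Verbose -WhatIf` first shows the volume state and the actions it would take without changing anything; once the device is in the expected state, the last step is also a useful thing to collect alongside the Intune screenshots when asking for help, because it shows whether the failure is in encryption itself or in the key escrow.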