BitLocker with non-compatible TPM

Hi All

Would I be correct in saying that to Enable BitLocker with non-compatible TPM devices, the following settings should be used:

  • Platform Windows 10 and later
  • Endpoint protection profile type
  • Windows Encryption Settings
  • Windows Settings > Encrypt devices = Require
  • BitLocker OS drive settings
  • Additional authentication at startup = Require
  • BitLocker with non-compatible TPM chip = Not configured

These settings prompt the user to encrypt the drive on a test VM and seem to work.

Have I missed anything?
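A way to check what those settings actually produced on the test VM, written as an added example (it is not part of the question and not Microsoft's own code): run it as Administrator after the Intune policy has applied. It reads the standard BitLocker policy values under `HKLM:\SOFTWARE\Policies\Microsoft\FVE` (`UseAdvancedStartup` for "Additional authentication at startup", `EnableBDEWithNoTPM` for "BitLocker with non-compatible TPM chip"), reports whether the VM has a TPM at all, and shows the OS drive's BitLocker state and protectors. Whether Intune has written the policy values on a given device depends on sync timing, so a missing value is reported rather than treated as a failure.

```powershell
# Added example: verify TPM presence, the BitLocker startup-authentication policy,
# and the OS drive's encryption state after the Intune Endpoint protection profile applies.
# Run in an elevated PowerShell session on the target device.

$fvePolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'

function Get-FvePolicyValue {
    param([string]$Name)
    # Returns $null when the policy value has not been written yet.
    try { (Get-ItemProperty -Path $fvePolicyPath -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

# 1. Is there a TPM for BitLocker to use? A VM without a virtual TPM reports TpmPresent = False.
$tpm = Get-Tpm
[PSCustomObject]@{
    TpmPresent = $tpm.TpmPresent
    TpmReady   = $tpm.TpmReady
} | Format-List

# 2. Policy values behind the two Intune settings in the question.
#    UseAdvancedStartup = 1 -> "Require additional authentication at startup" is enabled
#    EnableBDEWithNoTPM = 1 -> "Allow BitLocker without a compatible TPM" is enabled
$policy = [PSCustomObject]@{
    UseAdvancedStartup = Get-FvePolicyValue 'UseAdvancedStartup'
    EnableBDEWithNoTPM = Get-FvePolicyValue 'EnableBDEWithNoTPM'
}
$policy | Format-List

if (-not $tpm.TpmPresent -and $policy.EnableBDEWithNoTPM -ne 1) {
    Write-Warning 'No TPM present and EnableBDEWithNoTPM is not 1: the OS drive cannot be protected with these settings.'
}

# 3. What BitLocker actually did on the OS drive, including which protector types exist.
Get-BitLockerVolume -MountPoint $env:SystemDrive |
    Select-Object MountPoint, VolumeStatus, ProtectionStatus, EncryptionPercentage,
        @{ n = 'Protectors'; e = { ($_.KeyProtector | ForEach-Object KeyProtectorType) -join ', ' } } |
    Format-List
```

If `ProtectionStatus` is `On` and the protector list contains a `RecoveryPassword` entry, encryption is active and there is something to escrow; if the list only shows a `Tpm` protector, the non-TPM path was not used.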

2 Replies
Save the Bitlocker key to Azure AD.

Autopilot & 1809 need some specific configurations.
https://techcommunity.microsoft.com/t5/Microsoft-Intune/BitLocker-Encryption-Policy-for-AutoPilot-De...

And also make sure the BIOS is updated :)
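The first reply's advice, escrowing the recovery key to Azure AD, as an added example (not the replier's or Microsoft's code): it ensures the OS drive has a recovery-password protector, backs it up with the built-in `BackupToAAD-BitLockerKeyProtector` cmdlet, and then checks the BitLocker Management event log for the backup-success record. The assumptions are that the device is Azure AD joined, the session is elevated, and that event ID 845 in `Microsoft-Windows-BitLocker/BitLocker Management` is the record written on a successful Azure AD backup.

```powershell
# Added example: escrow the OS drive recovery password to Azure AD and confirm it from the event log.
# Assumes an Azure AD joined device and an elevated PowerShell session.

$drive = $env:SystemDrive
$vol   = Get-BitLockerVolume -MountPoint $drive

# Only RecoveryPassword protectors can be escrowed; add one if the policy did not create it.
$recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
if (-not $recovery) {
    Add-BitLockerKeyProtector -MountPoint $drive -RecoveryPasswordProtector | Out-Null
    $recovery = (Get-BitLockerVolume -MountPoint $drive).KeyProtector |
                Where-Object KeyProtectorType -eq 'RecoveryPassword'
}

$started = Get-Date
foreach ($protector in $recovery) {
    BackupToAAD-BitLockerKeyProtector -MountPoint $drive -KeyProtectorId $protector.KeyProtectorId
}

# Verification: event ID 845 (assumed success record for an Azure AD backup) written since we started.
$backupEvents = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-BitLocker/BitLocker Management'
    Id        = 845
    StartTime = $started
} -ErrorAction SilentlyContinue

if ($backupEvents) {
    $backupEvents | Select-Object TimeCreated, Message | Format-List
} else {
    Write-Warning "No Azure AD backup event found for $drive; check that the device is Azure AD joined and retry."
}
```

Run this once per device after encryption has started; the recovery password then appears under the device object in Azure AD, which is where a helpdesk will look for it if the non-TPM startup authentication is lost.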