BitLlocker Keys in Azure AD for Existing and New W10 Devices

Iron Contributor

Hi All

 

Any decent, step by step guides for:

 

Enabling BitLlocker and storing keys in Azure AD for Existing (No Wipe) and New (AutoPilot) W10 Devices?

 

Info appreciated

4 Replies

There is a guide here http://www.rebeladmin.com/2019/09/step-step-guide-enable-bitlocker-cloud-managed-windows-10-devices-... default it should store the key in Azure AD. On a test device, you can check out the Event Logs (

Application and Services Logs > Microsoft > Windows > BitLocker -API > Management) 

and it should say its storing the key in Azure AD. 

Hi Stuart

Have you tried Endpoint Protection Profile and Security Baseline with Write back? You may also need to OMI profile to have it without notification.

Hope it helps!
Moe

https://docs.microsoft.com/en-us/windows/client-management/mdm/bitlocker-csp