Bitlocker Disk Encryption

Iron Contributor

I have setup the bitlocker encryption to be XTS-AES-256 and full disk encryption but it is not getting applied to the device. What could be wrong? I followed the same one below.

 

https://techlabs.blog/categories/office-365/silently-enable-bitlocker-using-a-disk-encryption-policy...

3 Replies

Is the device already encrypted with 128? If yes, you need to decrypt then apply the new policy again.

 

I would also use Config Profile - Endpoint Protection- Windows Encryption, saying this because it worked for me very quick.

 

Hope this helps!
Moe

So, you say using Disk Encryption method is not going to wrok and use CSP method? It is going to be tough decnrypt all users who are joining through Autopilot and then encrypt again. Is that the option we have to do?
For Disk Encryption vs Endpoint Protection config, they should both work, I prefer using Endpoint Protection Config.

Unfortunately the only way to change Encryption from 128 to 256, you need to decrypt and re-encrypt the disk.



Moe