Bitlocker does Full Encrypt, but we want Used Space Only

Copper Contributor

When we implement Bitlocker via InTune it works and we end up with disks Fully Encrypted.

Is it possible to set it so that it will only encrypt "Used Space Only"?


I've been digging through the settings but cannot see anything there that looks like the obvious option.

We are able to do Used Space Only encryption if we use the wizard on the workstation, but naturally I'd rather the InTune automation.

6 Replies

Thanks, but I can't see how that helps @Swaminathan_Arumugam 

Are you able to point me to the text that describes specifically how to encrypt "Used Space Only".



Hi SvendP,

As I know Silent Encryption uses (Used Space Only) by default (screenshot attached). Here is great blog about Bitlocker and silent encryption using Intune.

Hope this helps!

Blog by our colleague Peter Klapwijk, used it many times before In case you having troubles enabling silent encryption.

Thank @Moe_Kinani , That certainly confirms that I am not totally blind and there is in fact no option in the UI.

Strangely I do have the Block setting for Warning for other disk encryption which the article states is the actual "silent" part of the implementation, and so it should just do the User Data Only.


I'm going to test it on a larger pool of laptops to see if any of them come up with a User Data Only Encryption. I have been informed that many of these workstations had encryption enabled before but that it was disabled so that a firmware update could be carried out. I wonder if that has a bearing on this re-encryption process.



My experience has been that it will encrypt full disk if a partition existed prior to windows install and used space if none existed. 


Hi, I have reinstalled windows and deleted all partitions, Now the silent encryption status is Fully Encrypted. :unamused:

Please advise