BitLocker encryption not working on newly created Autopilot device

Hi Community,

I am currently setting up Autopilot and want to enable BitLocker security at the point when the device is built or, as a last resort, could do it post build.

Unfortunately I am unable to get my device to enable BitLocker for a start.

The device is co-managed and I have created a policy in Intune.

When the device is built from an Autopilot reset, it doesn't seem to be enforcing BitLocker.

I also get an error in Intune device profile settings targeted for the device.

-2016281112 (Remediation failed)

The error code is 0x87d1fde8.

I include a screenshot of the settings defined in Intune. Ideally I want to set 256-bit encryption with a start-up PIN and the PIN stored in Azure AD.

Any advice on what I am doing wrong would be greatly appreciated.

On a side note, should I be attaching this policy through endpoint security going forward? I hear the older methods will become deprecated in the future.

Many thanks for members' support.

2 Replies
I have been using silent BitLocker, which always works as expected; it could be something like the BIOS needing to be up to date. Check this one out:

https://www.inthecloud247.com/windows-10-failed-to-enable-silent-encryption/

@isotonic_uk 

Can you take a look at the BitLocker event logs? Can you try to change your settings to:

[Screenshot: Skärmavbild 2020-10-07 kl. 20.59.06.png]
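
One way to gather what the replies above ask for on the affected device, as an added example that is not part of the original thread: it confirms that the two error values in the question are the same code, snapshots TPM and OS-volume state, and lists recent warnings and errors from the BitLocker event log. The 7-day look-back window and the elevated local session are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread): local BitLocker readiness snapshot for a
# device whose Intune BitLocker profile reports "Remediation failed".

# Intune shows the same result as a signed 32-bit decimal and as hex.
$intuneCode = [int32]-2016281112
'Intune error: {0} = 0x{0:X8}' -f $intuneCode

# TPM state: silent/automatic encryption needs a present, ready TPM.
$tpm = Get-Tpm

# OS volume state: what is actually applied right now, to compare with the
# policy target from the question (256-bit encryption, start-up PIN).
$os = Get-BitLockerVolume -MountPoint $env:SystemDrive

[pscustomobject]@{
    TpmPresent        = $tpm.TpmPresent
    TpmReady          = $tpm.TpmReady
    VolumeStatus      = $os.VolumeStatus
    ProtectionStatus  = $os.ProtectionStatus
    EncryptionMethod  = $os.EncryptionMethod
    KeyProtectorTypes = ($os.KeyProtector.KeyProtectorType -join ', ')
} | Format-List

# BitLocker event log (Event Viewer: Applications and Services Logs >
# Microsoft > Windows > BitLocker-API > Management).
# Level 1-3 = critical, error, warning. Look-back window is an assumption.
$since  = (Get-Date).AddDays(-7)
$filter = @{
    LogName   = 'Microsoft-Windows-BitLocker/BitLocker Management'
    Level     = 1, 2, 3
    StartTime = $since
}

$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
if ($events) {
    $events | Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, LevelDisplayName, Message |
        Format-List
} else {
    "No BitLocker warnings or errors logged since $since."
}
```

The event messages usually state which prerequisite or policy setting blocked encryption, which is more specific than the generic remediation error shown in the Intune portal.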