BitLocker encryption not working on newly created Autopilot device


Hi Community


I am currently setting up Autopilot and want to enable BitLocker security at the point when the device is built or as a last resort could do post build.


Unfortunately I am unable to get my device to enable BitLocker for a start.

The device is co-managed and I have created a policy in Intune.

When the device is built from an Autopilot reset, it doesn't seem to be enforcing BitLocker.


I also get an error in Intune device profile settings targeted for the device.

-2016281112 (Remediation failed)

The error code is 0x87d1fde8.


I include a screenshot of the settings defined in Intune. Ideally I want to set 256 bit encryption with a start-up PIN and the PIN stored in Azure AD.


Any advice on what I am doing wrong would be greatly appreciated.


On a side note, Should I be attaching this policy through endpoint security now going forward? I hear the older methods will become deprecated in the future.


Many Thanks for members support. 



2 Replies
I have been using Silent Bitlocker which always works as expected, it could be something like BIOS needed to be up to date. Check this one out-


Can you take a look at the BitLocker event logs? Can you try to change your settings to: 


Skärmavbild 2020-10-07 kl. 20.59.06.png