Feb 19 2024 03:55 AM - edited Feb 19 2024 05:47 AM
Hello,
I'm trying to set up silent BitLocker deployment via Intune -> Endpoint Security -> Disk Encryption. I have assigned a testing machine to it, but it doesn't seem to enable BitLocker at all on the machine. I am attaching the configuration. We are in a hybrid scenario and the computer is hybrid joined...
Now...
I have forced a sync from the laptop... also restarted a few times already... but the drive still does not have BitLocker turned on. Btw, it is a fresh new laptop.
Any advice? Am I missing anything here?
UPDATE:
I see one more warning in Event Viewer that is related to BitLocker: "BitLocker CSP: GetDeviceEncryptionComplianceStatus indicates OSV is not compliant with returned status 0x106"
Regards,
Michal
Feb 19 2024 07:22 AM
Feb 19 2024 08:44 AM
Feb 20 2024 01:13 AM
Feb 20 2024 08:36 AM
Feb 20 2024 08:46 AM - edited Feb 20 2024 08:47 AM
@TomWechsler not a stupid question at all... Always better to double-check it :) ... It is a brand new Lenovo X1 with up-to-date Windows 11... Intune Monitor shows below, so it is TPM 2.0 as well... The laptop is also Hybrid Joined... Not sure about BIOS UEFI though... haven't checked it.
Feb 20 2024 09:06 AM
Feb 22 2024 05:43 AM
@sumo83 I see this often in a hybrid scenario. You can read my blog post about this issue. Maybe it's your lifesaver.
https://www.burgerhout.org/the-bitlocker-haadj-nightmare/
Feb 28 2024 07:22 AM
Feb 28 2024 07:29 AM