Mar 11 2020 02:26 AM
Hi All
Is there a way to port BitLocker keys on existing / in use devices that have already been encrypted (manually or outwith Intune) to Azure AD?
Info appreciated
Mar 12 2020 07:35 AM
Mar 18 2020 02:39 AM
Mar 18 2020 04:45 AM
Hi @Stuart King
This would be my way of working:
- Create an Intune policy to enable encryption and store the key in AAD
- Disable the policy in the local AD
- Force a key rotation on all machines (https://www.scconfigmgr.com/2019/11/20/enable-bitlocker-key-rotation-for-intune-managed-devices/)