Mar 16 2020 09:24 AM - edited Mar 16 2020 09:25 AM
Hi,
I have been testing Bitlocker on my Surface Pro and ran into a small problem. I have configured to to boot with a PIN but it wont enable due to no pre-boot keyboard being avaialble.
BitLocker Group Policy Settings("Enable use of BitLocker authentication requiring preboot keyboard input on slates")
I have tested the GPO below which does allow me to decrypt the drive and encrypt again. Is there a way I can push the GPO to the machine automatically from Intune as part of the pre-build?
Also the Bitlocker encryption is not encrypting to the correct settings, it is defaulting to 128bit and only active files, rather than the 256 and full drive encryption I have set. Is this due to it not being able to full configure using the Intune settings so it falls back to the default?
Regards
Ben
Mar 17 2020 05:38 PM
Mar 18 2020 02:35 AM
@Moe_KinaniHi, yes I have checked all Bitlocker settings in Intune but unfortunately am unable to find this GPO.
If its not avaialble in Bitlocker, or Administrative Templates, is there a way to deploy a custom Intune policy which targets the local GPO?
Jun 02 2020 05:46 AM - edited Jun 02 2020 05:48 AM
I'm having the same issue with a new MS Surface Laptop 3.
I've configured require TPM and PIN through Intune policy and profile.
The error states clearly that PIN is not possible because the Surface device has no boot-keyboard. I swear that this device has a none detatchable keyboard! :\
The same policy and profile works fine on multiple Lenovo devices. @Moe_Kinani
Jun 03 2020 02:29 AM
Hey @Ben Curran,
you have to assign your BitLocker Policy to a devices AAD group and ESP must be turned on otherwise you are too late and BitLocker Automatic encryption during AADJ will kick in to encrypt your device with default settings like 128-bit used space etc.
See all the detailed references here:
https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/bitlocker
https://oofhours.com/2019/08/26/bitlocker-esp-and-windows-autopilot-working-in-harmony/
best,
Oliver
Mar 19 2021 12:48 AM