Introduction
In this video I show you how to enforce encryption with no user interaction using Bitlocker Management in Configuration Manager 1910 (and a compliance baseline containing a configuration item with 2 registry keys).
Below are the key path and key names I used in the video:
SOFTWARE\Policies\Microsoft\FVE\MDOPBitLockerManagement
OsEnforcePolicyPeriod= 0
SOFTWARE\Policies\Microsoft\FVE\MDOPBitLockerManagement
UseOsEnforcePolicy = 1
Recommended reading
- Link to the GPO setting documentation: https://docs.microsoft.com/en-us/micr…
- Learn more about Bitlocker Management in Configuration Manager 1910, https://www.niallbrady.com/2019/11/13…
To see the rest of the videos click below:
- BitLocker management – Part 1 Initial setup
- BitLocker management – Part 2 Deploy portals
- BitLocker management – Part 3 Customize portals
- BitLocker management – Part 4 Force encryption with no user action
- BitLocker management – Part 5 key rotation
- BitLocker management – Part 6 Force decryption with no user action
- BitLocker management – Part 7 Reporting and compliance
- BitLocker management – Part 8 Migration
- BitLocker management – Part 9 Group Policy settings
- BitLocker management – Part 10 Troubleshooting
For more info about the new Bitlocker Management ability in Configuration Manager 1910 see https://www.niallbrady.com/2019/11/13/want-to-learn-about-the-new-bitlocker-management-in-microsoft-endpoint-manager-configuration-manager/
