exe add HKLM\SOFTWARE\Policies\Microsoft\FVE / v EncryptionMethod / t REG_DWORD / d 6 / f & manage - bde - on c : Note: I manually encrypted one of the two virtual machines with XTS-AES 128 using the following: cmd / c reg. I've prepared 2 virtual machines running Windows 10 20H2 and neither virtual machine has received our previously configured BitLocker Management policy yet, however one vm is encrypted using a different encryption algorithm than the one we created in the previous blog post, this is so that we can see what occurs when it receives that policy.īoth are running Windows 10 version 20H2 with the ConfigMgr client agent version. If the computer has not been targeted with BitLocker policy and is for whatever reason decrypted, then the hard disc drives data will be readable at rest (not protected). Let's take a look at some client computers both before and after they receive BitLocker Management policy from ConfigMgr.īefore a client receives BitLocker Management policy, it can be in one of 2 states with regards to encryption, namely fully encrypted or fully decrypted. As Windows 10 20H2 is a newly released operating system, we need to use ConfigMgr 2006 to remain supported. But let's focus on the client side for now and in this blog post we will look at a Windows 10 20H2 client. This was enough to start the flow of how things work on the server side. In the previous part we created a BitLocker Management policy, but we did not deploy it. Troubleshooting BitLocker Management in ConfigMgr - Part 3. Troubleshooting BitLocker Management in ConfigMgr - Part 2. Troubleshooting BitLocker Management in ConfigMgr - Part 1. This purpose of this mini series is to help you troubleshoot problems related to the installation, configuration and usage of the new BitLocker Management capabilities in ConfigMgr and will be broken down into the following 3 parts. Microsoft BitLocker Administration and Monitoring (MBAM)Īnd recently they've posted an updated blog post here where they go into detail about how BitLocker Management in Microsoft Endpoint Manager has evolved (both in Intune and ConfigMgr). On-premises BitLocker management using System Center Configuration Manager They detailed how that would impact and evolve on the following three platforms.Ĭloud-based BitLocker management using Microsoft Intune Microsoft blogged about Bitlocker Management capabilities back in May, 2019.
0 kommentar(er)
