BitLocker- NoStartupDelay – Auto Encryption

Question

Hi Team,

We have recently enabled BitLocker feature in MECM. after adding the machines to policy collection we can see BitLocker policy in configuration baseline tab(in configuration manager properties) and settings in local registry(ComputerHKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftFVE).

Until we double click “MBAMClientUI.exe” (C:Program FilesMicrosoftMDOP MBAM) encryption is not starting on machines even if we wait for 48 hours. So decided to add “NoStartupDelay” registry, is there any impact if we add NoStartupDelay registry on multiple machines ?

REG ADD HKLMSoftwareMicrosoftMBAM /v NoStartupDelay /t REG_DWORD /d 1 /f

Please help me to encrypt the machines automatically.

solved 0
Prasanth Padmanaban 2 weeks 2021-05-03T10:54:39+05:30 1 Answer 7 views Beginner 0

Answer ( 1 )

    0
    2021-05-03T12:44:44+05:30

    Hello,

    I would suggest you to verify logs located C:\Windows\CCM\Logs

    BitLockerManageMent_GroupPolicyHandler.log – Records details about communication with the SCCM Management Point to retrieve policy.

    More you can review the logs in Event Viewer in Applications and Services Logs > Microsoft > Windows > MBAM.

    The popup will be appear automatically unless until you’re not connected to RDP. By default policy takes 90 minutes, To speed up the encryption process you can add “NoStartUpDelay” to test. Firstly Its best to check and analyze, let us update.

    Details you can find – https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/configmgr-bitlocker-management/ba-p/1279246

    Best answer

Leave an answer

Sorry, you do not have a permission to answer to this question .