Configuring Endpoint Security for BitLocker Encryption and Backing Up Recovery Keys to Azure AD in Intune

Question

Hi All,

I need help to configure endpoint security for BitLocker encryption on all Intune devices, with the recovery key backed up to Azure AD. I configured it correctly and BitLocker is enabled on the end device, but the recovery key is not backed up to Azure AD.

Posted by Ferdows Ahmed in HTMD FB Group


Answer ( 1 )

    0
    2024-05-23T16:38:55+05:30

    For more details: New BitLocker Disk Encryption Policy for Intune Endpoint Security
    https://www.anoopcnair.com/bitlocker-disk-encryption-policy-for-intune/

    Replied by Chris Chisholm

    Do you have “Do not enable BitLocker until recovery information is stored to AD DS for operating system drives” configured in your policy?

    Replied by Ferdows Ahmed

    Chris Chisholm, yes, I enabled this option. Now, if I do Autopilot enrollment on a new PC, the key is backing up to Azure AD, but the PCs that people are currently using aren't backing up the recovery key. I have to back it up manually. How can I back up the key from a PC that is already enrolled?

    Replied by Simon Hardy

    What events are being logged on the device in the Event Log? What happens if you try to manually back up the recovery key to Azure AD via the Windows Terminal / PowerShell on such a device? How are you configuring BitLocker within Intune (policy details) and how are you starting the encryption process for devices that are already enrolled?

    Replied by Ferdows Ahmed

    Simon Hardy, thank you for your response. Yes, if I manually back up the recovery key via right-click C drive > Manage BitLocker > Back up to Azure AD, that process backs up the key. But I want it to be backed up automatically, as soon as I log in to the PC after enrollment.
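
Added example (not part of the thread and not any participant's code): a PowerShell script for the manual backup and event-log check Simon Hardy asks about, for devices that were already encrypted before the policy arrived. It assumes an elevated session on an Azure AD joined device, and that event IDs 845 (backup succeeded) and 846 (backup failed) in the BitLocker Management log are the ones to read back.

```powershell
#Requires -RunAsAdministrator
# Added example: escrow existing BitLocker recovery passwords to Azure AD
# and report what the BitLocker Management event log says afterwards.
# The recovery password itself is never written to output.

$logName   = 'Microsoft-Windows-BitLocker/BitLocker Management'
$startTime = Get-Date

# Only volumes that are encrypted or in the middle of encrypting.
$volumes = Get-BitLockerVolume |
    Where-Object { $_.VolumeStatus -ne 'FullyDecrypted' }

foreach ($vol in $volumes) {
    # Azure AD escrow applies to RecoveryPassword protectors only.
    $protectors = @($vol.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

    if ($protectors.Count -eq 0) {
        Write-Warning "$($vol.MountPoint): no recovery password protector, nothing to back up."
        continue
    }

    foreach ($kp in $protectors) {
        try {
            BackupToAAD-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
            Write-Output "$($vol.MountPoint): backup requested for protector $($kp.KeyProtectorId)"
        }
        catch {
            Write-Warning "$($vol.MountPoint): backup failed for $($kp.KeyProtectorId): $($_.Exception.Message)"
        }
    }
}

# Give the service a moment to log, then show the result events.
Start-Sleep -Seconds 5
Get-WinEvent -FilterHashtable @{
        LogName   = $logName
        Id        = 845, 846      # 845 = backed up to Azure AD, 846 = backup failed
        StartTime = $startTime
    } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message |
    Format-List
```

If no 845 event appears for a volume, the 846 message and the warning text from the `catch` block are the first things to compare against the device's join state.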
