Windows 10 BitLocker RRS feed

  • Question

  • I want to get started using BitLocker on all new Windows 10 laptops I plan to purchase.  I want to be able to activate BitLocker on a clean Windows10 laptop, out of the box, and join it to our domain.  I understand that the BitLocker key (pin, password, etc.) will be recorded in Active Directory.  I want to know if it is just that simple.  1) BitLocker is turned on in the new Windows10 laptop and 2) In Active Directory all I need to do is enable

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives Group Policy setting and select the Do not enable BitLocker until recovery information is stored in AD DS for operating system drives option, then apply that group policy to the OU that will contain my Windows10 laptops.

    Am I on the right track?  Suggestions?

    Wednesday, February 28, 2018 6:11 PM

All replies