Enable Bitlocker using Active Directory GPO RRS feed

  • Question

  • Hi,

    Is it possible to enable Bitlocker on Windows 10 client machines using AD group policies


    Wednesday, December 27, 2017 2:30 PM

All replies

  • Hi,

    as far as i am aware you have to enable Bitlocker yourself either manually or during deployment and can only use AD to store the recovery keys

    • Proposed as answer by Ronak Vora Thursday, December 28, 2017 6:47 AM
    Wednesday, December 27, 2017 3:48 PM
  • Thats correct!
    Thursday, December 28, 2017 6:47 AM
  • Using GPO: only in connection with MBAM. MBAM is an enterprise customer benefit, so if you aren't entitled to use it: no, not with GPOs.

    Of course you could use startup scripts from with in GPOs. The command line is manage-bde.exe

    Friday, December 29, 2017 1:28 PM
  • You can use AD and MBAM simultaneously for storing recovery keys.

    Please remember to mark my post as an answer, if I really helped you out, or vote if usefull. Thank you!

    Wednesday, January 3, 2018 10:15 AM