Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

Enhance task sequence step preprovision bitlocker with encryptionmode options

For MBAM clients I want to use preprovisioned bitlocker volumes.
A requirement is to use the AES256 encryption mode.The pre provision bitlocker step defaults to aes128, and cannot be changed in the step itself.
I now have a extra step before the preprovision bitlocker step with this command:
cmd /c reg.exe add HKLM\SOFTWARE\Policies\Microsoft\FVE /v EncryptionMethod /t REG_DWORD /d 4 /f

Thanks to this website:
https://blog.alschneiter.com/2017/05/03/change-bitlocker-drive-encryption-to-xts-aes-256-during-osd-with-configmgr/

25 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
JeroenB shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base