How to deploy BitLocker with Specops Deploy

If you need to protect your organizational data through drive encryption, chances are, you’ll need BitLocker deployment. This was the case for a Specops Deploy customer that wanted to enable BitLocker on new Windows 10 machines. In this blog post we will walkthrough how to activate BitLocker with Specops Deploy / OS. The process is quite easy, and does not require configuring a Task Sequence in MDT.

  1. From the Group Policy Management Editor, browse to: Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption, click Operating System Drives.
  2. Enable Choose how BitLocker-protected operating system drives can be recovered.
  3. Configure the recovery settings as you see fit, and tick the Do not enable BitLocker until recovery information is stored to AD DS for operating system drives checkbox.
    Choose how BitLocker-protected operating system drives can be recovered
  4. Click OK.
  5. Open the Specops Deploy / OS admin tool.
  6. In the navigation pane, expand Policies.
  7. Select the Group Policies
  8. From the Deployment Policies drop down, select the policy you want to edit.
  9. Find the Custom MDT Properties settings, and click Add.
  10. Add the following variables:
    DoNotCreateExtraPartition: No
    BdeInstallSuppress: No
  11.  Click Save.

The affected machines will be encrypted after deployment.

Happy Deployment!

  • Was this Helpful ?
  • Yes   No

Tags: ,

>

Written by

Johan Soderstrom

Product Specialist, Specops Software

More Articles
Back to Blog

Related Articles

© 2017 Specops Software. All rights reserved. Privacy Policy | Terms & Conditions