Knowledge Base

Our dedicated Product Specialist team is always ready to help you when you need it the most. Contact Support

How to deploy BitLocker with Specops Deploy

If you need to protect your organizational data through drive encryption, chances are, you’ll need BitLocker deployment. This was the case for a Specops Deploy customer that wanted to enable BitLocker on new Windows 10 machines. In this blog post we will walkthrough how to activate BitLocker with Specops Deploy / OS. The process is quite easy, and does not require configuring a Task Sequence in MDT.

  1. From the Group Policy Management Editor, browse to: Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption, click Operating System Drives.
  2. Enable Choose how BitLocker-protected operating system drives can be recovered.
  3. Configure the recovery settings as you see fit, and tick the Do not enable BitLocker until recovery information is stored to AD DS for operating system drives checkbox.
    Choose how BitLocker-protected operating system drives can be recovered
  4. Click OK.
  5. Open the Specops Deploy / OS admin tool.
  6. In the navigation pane, expand Policies.
  7. Select the Group Policies
  8. From the Deployment Policies drop down, select the policy you want to edit.
  9. Find the Custom MDT Properties settings, and click Add.
  10. Add the following variables:
    DoNotCreateExtraPartition: No
    BdeInstallSuppress: No
  11.  Click Save.

The affected machines will be encrypted after deployment.

Happy Deployment!

Publication date: November 9, 2017
Modification date: October 30, 2023

Was this article helpful?

Related Articles