Bitlocker status is not accurate in Inventory

Comments

2 comments

  • Brian Green

    I've had success with it.

    Ensure that you've done a scan on Hardware Devices before checking the information.  That's how it pulls that status.

    Also, enabled isn't the same thing is protected.  In order for it to start encrypting, it need a reboot first.   So you can have your key sent to AD, but if the box doesn't report back that it's encrypted, the flag won't check.  Ensure that its status is Fully Encrypted.

     

    0
    Comment actions Permalink
  • Brandon Vinson

    After doing some digging and running the command above, we've discovered that it was our automated Bios updates. The script would suspend bitlocker protection and would not re-enable it after completion. At some point PDQ would scan the computer and add it to the list which is why computer that were previously fine started showing up. 

    Thank you. 

    0
    Comment actions Permalink

Please sign in to leave a comment.