S01E29 - Using the Intune Encryption Report to Troubleshoot BitLocker Issues

S01E29 - Using the Intune Encryption Report to Troubleshoot BitLocker Issues - (I.T)

Рет қаралды 7,441

Күн бұрын

Пікірлер: 10

@JamieColeman-m2t Ай бұрын

Hey Steve & Adam, I have a device with that same error message of Encryption of data storage on device Error 2016281112(Remediation failed). I did exactly what you all did in the video and I checked the encryption report for this specific device. It shows the TPM version 2.0 Encryption readiness "ready" Encryption status "NOT encrypted" and when I click on the Device encryption status -the status details are Blank, nothing is there at all?

@TheWindspeed36 3 жыл бұрын

I'm trying to fix an issue at the moment where some Win10 Pro & Ent 2004 & 20H2 devices show BitLocker as enabled (via Control Panel / cmd), device compliance reports it's enabled and the CSV reports states Profile State Summary and BitLocker State are both succeeded yet the Encryption Status for some will say Not Encrypted. Is this something you've seen recently?

@sme1983 Жыл бұрын

Hi - I really need to get this data into Power BI, can you help pleeeeease!?

@tilikumtim5562 4 жыл бұрын

I'm getting the same Remediation Failed errors, but the devices are being encrypted. Running the PowerShell command Get-BitlockerVolume shows the device drive is fully encrypted and the key is in AAD under the device. I will have to check the encryption report and see what the status says.

@IvanRosaT 4 жыл бұрын

so they are various factors for this to happen, 3 I can contribute on: 1) The machine is still in the encrypting process 2) It can take up to 24hrs to get the real status update(I have experienced it), a Sync on the PC and remote is advised to accelerate the process 3) If the machine was already encrypted at some point before the joined, then sometimes the actual unlocking key is not synced, so resending the key is advised also to help further track errors, you might want to create a policy with "Health Attestation Service evaluation rules," (keep in mind "Policy" -Not to be confused with 'Device Configuration Profile'

@tilikumtim5562 4 жыл бұрын

@@IvanRosaT Thanks Ivan. I checked the Enryptyion Report (it was very helpful) and it failed on a few older HP computers. Actually the OS drives were encrypted, but it was failing on the fixed drives - the HP recovery drive and HP_Tools drive that had the Remediation Failed error. As I had selected the option to backip the Bitlocker recovery key to Azure Active Directory first before starting the encryption... some devices had about 20 recovery keys for these fixed drives despite Bitlocker not being enabled on them! I will take a look at that policy you mentioned. Thanks again.

@alexismusaitif2184 2 жыл бұрын

@@tilikumtim5562 I ran into this same issue. Did you find a fix?

@IvanRosaT 4 жыл бұрын

here's an idea, to generate reports, one thing I do is to go the configuration profile and highlight , copy / paste directly into excel... Credits I learned from my SCCM deployments ...