This task sequence step configures BitLocker® Drive Encryption on the target computer. For more information about this step type, see Enable BitLocker.
The unique properties and settings for the Enable BitLocker task sequence step type are:
Name |
Description |
Type |
Set this read-only type to Enable BitLocker. |
Settings
Name |
Description |
Current operating system drive |
When selected, the operating system drive will be configured. This is the default selection. |
Specific drive |
When selected, the specified drive will be configured. |
TPM only |
When selected, the Trusted Platform Module (TPM) is required. This is the default selection. |
Startup key on USB only |
When selected, a startup key is required on the specified USB drive. |
TPM and startup key on USB |
When selected, the TPM is required in addition to a startup key on the specified USB drive. |
In Active Directory |
When selected, the recovery key is stored in AD DS. This is the default selection. |
Do not create a recovery key |
When selected, the recovery key is not created. Using this option is not recommended. |
Wait for BitLocker to complete |
When selected, this step will not finish until after BitLocker has finished processing all drives. |
Related Topics
Specific Properties and
Settings for Task Sequence Step Types