PreventDeviceEncryption prevents encrypting the operating system drive and any fixed data drive using Windows BitLocker Drive Encryption. Device encryption is a feature available on Windows 8.1 PCs that supports connected standby. When a user boots the PC for the first time and goes through the out-of-the-box experience, device encryption, on initialization, will automatically encrypt the operating system drive and any fixed data drive using BitLocker.

Use this setting to prevent device encryption from automatically encrypting the operating system drive and any fixed data drive using BitLocker.

Values

false

Automatically encrypt the operating system drive and any fixed data drive using BitLocker.

This is the default value.

true

Do not automatically encrypt the operating system and any fixed data drive using BitLocker.

Valid Configuration Passes

offlineServicing

specialize

auditSystem

oobeSystem

Parent Hierarchy

Applies To

For a list of the Windows editions and architectures that this component supports, see Microsoft-Windows-SecureStartup-FilterDriver.

XML Example

The following example configures Windows 8.1 to not automatically encrypt the operating system drive and any fixed data drive using BitLocker when the PC first boots.

  Copy Code
<component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
	<PreventDeviceEncryption>true</PreventDeviceEncryption>
</component

See Also