TCGSecurityActivationDisabled specifies whether
Windows® automatically configures encrypted drives (eDrives), also
known as encrypted hard disk drives (eHDDs).
TCGSecurityActivationDisabled sets the Group Policy
administrative template setting: Do not automatically encrypt
files moved to encrypted folders. This Group Policy setting is
used after Windows is installed and started up. The setting
specifies, for unprovisioned eDrives, whether security should be
activated on the eDrive during provisioning. Use the DisableEncryptedDiskProvisioning
unattend setting for configuring the operating system installation
for the target HDD.
|The eDrive must be configured in the unattend file by using the settings in Microsoft-Windows-Setup\DiskConfiguration\Disk. If the drives are configured manually, then the eDrive configuration policy may not be properly configured.|
Specifies that Windows does not automatically encrypt eDrives.
Specifies that Windows automatically encrypts eDrives. This is the default value.
Valid Configuration Passes
Microsoft-Windows-EnhancedStorage-Adm | TCGSecurityActivationDisabled
For a list of the Windows editions and architectures that this component supports, see Microsoft-Windows-EnhancedStorage-Adm.
The following XML output shows how to configure Windows so that Windows does not automatically encrypt eDrives.