Update BitLocker Unique Identifiers with Intune
Posted inBitLocker Intune Microsoft 365 Microsoft Intune Windows

Update BitLocker Unique Identifiers with Intune

BitLocker unique identifiers are values used to identify the ownership of an encrypted volume.  The device that performs the encryption holds the unique identifier and as encryption begins, it also records this against the metadata of that encrypted volume. The identifiers are typically used in tandem with the BitLocker removable data-drive setting write access to devices configured in another organisation which, if set to block, will prevent write operations on devices where the unique…
Store BitLocker Recovery Keys in Azure AD for Devices Already Encrypted
Posted inBitLocker Entra ID (Azure Active Directory) Intune Microsoft 365 Microsoft Intune PowerShell Windows

Store BitLocker Recovery Keys in Azure AD for Devices Already Encrypted

As you move from on-premises or third-party infrastructure to Microsoft 365 and Azure AD, you will want to keep those BitLocker recovery keys safe.  You can store those keys either in on-premises Active Directory or in the cloud with Azure AD. The behavior of the BitLocker / Azure AD relationship is that the recovery keys will only be stored against the device object in Azure AD if the encryption happens when the device is…