We identified an issue with BitLocker encryption in Windows 10/11 devices managed through Microsoft Intune. Encryption failed on several devices, displaying the following errors. But further investigation revealed the problem occurs only on two HP models—EliteBook 830 G6 and EliteBook 830 G5—while other HP models encrypt successfully.
The BitLocker encryption was failing on multiple devices with the following errors.
Error1:
The encryption method of the OS volume doesn’t match the BitLocker policy. To encrypt drives, the BitLocker policy requires either the user to sign in as an Administrator or if the device is joined to Microsoft Entra ID, the AllowStandardUserEncryption policy must be set to 1.
Error2:
The encryption method of the OS volume doesn’t match the BitLocker policy.
The devices were showing the following details:
- Encryption readiness: Not ready, Encryption status: Not encrypted
- Encryption readiness: Ready, Encryption status: Not encrypted
Cause & Solution
Following Microsoft support’s guidance, we enabled specific settings in the BitLocker policy, and encryption began working correctly after these changes. However, Microsoft could not explain why the issue affects only two hardware models
BitLocker Base Settings:
- Warning to other disk encryption: Block
- Allow standard users to enable encryption during Microsoft Entra join: Allow
- Configure encryption methods: Enable
Related Posts
- Win32 App Deployment failed with error code 0x80070643
- Win32 App Deployment Failed with Error 0x87D1041C
- Win32 App Deployment failed with error 0x87D300C9
- Win32 App failed with error code 0x80070653
- That account info didn’t work – error when disconnecting Windows 10 / 11 Work or School account
- Intune – Windows 10 MDM- Basic troubleshooting
- Deploying Microsoft 365 Apps Stuck in Downloading in Company Portal
- Windows 10 / 11 Operating System Build Versions
- MDM Enroll: Device Credential, Failed (Unknown Win32 Error code : 0xcaa9001f
- Microsoft Endpoint Manager: Error Code Reference
- Intune Bulk Enrollment with Provisional Package failed Error 0xCAA2000C
- How to Fix Intune Win32 App Deployment Error 0x87D30006
Subscribe to Techuisitive Newsletter
Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.