Fleet version: 4.76.1 (customer-deebradel) | 4.77.0 (@GrayW Render)
💥 Actual behavior
When enabling Require BitLocker PIN under Disk Encryption advanced options, hosts do not behave as expected.
Behaviour 1: (deebradel and grayw)
- Some hosts do not receive the configuration profile to enforce the PIN settings despite meeting the TPM requirements and the disk being 100% encrypted
- The banner in self-service is present with instructions on how to set the PIN
- There is no option to
Change how the drive is unlocked at startup
Behaviour 2: (deebradel only)
- Some hosts receive the configuration profile
- The banner in self-service is present
- There is an option to
Change how the drive is unlocked at startup
- There is no option to set a PIN
- deviceenroller.exe is repeatedly attempting to set the registry value to 2 (optional), rather than 1 (required)
🛠️ To fix
TODO
🧑💻 Steps to reproduce
These steps:
- Enable Require BitLocker PIN for a Team
- Sync host with Fleet
🕯️ More info (optional)
So far, this issue has only been reported by customer-deebradel. But, it is also showing inconsistencies on my test instance.
These issues were present and tested on Windows devices that had only ever enrolled to Fleet, and no other MDM services. All were clean installations. A mixture of physical and virtual machines.
Fleet version:
4.76.1(customer-deebradel) |4.77.0(@GrayW Render)💥 Actual behavior
When enabling
Require BitLocker PINunder Disk Encryption advanced options, hosts do not behave as expected.Behaviour 1: (
deebradelandgrayw)Change how the drive is unlocked at startupBehaviour 2: (
deebradelonly)Change how the drive is unlocked at startup🛠️ To fix
TODO
🧑💻 Steps to reproduce
These steps:
🕯️ More info (optional)
So far, this issue has only been reported by
customer-deebradel. But, it is also showing inconsistencies on my test instance.These issues were present and tested on Windows devices that had only ever enrolled to Fleet, and no other MDM services. All were clean installations. A mixture of physical and virtual machines.