SOLVED: Can SCCM Bitlocker Encrypt All Internal Disks

The short answer is no.  Even the latest version of SCCM 1551 in 2016 cannot turn on BitLocker for more than a specific drive.  Worse, if you manually turn on BitLocker for other disks after SCCM has enabled it for the OS drive, the recovery key that you see in Active Directory will NOT be of use with those ‘other’ disks.  From Matthew at Microsoft Partner Support:sccm-bitlocker-only-os-drive

…the recovery key in ADUC can only be used for the Current OS drive. The recovery key is correspond one to one with the encrypted drive.


Questions or Comments?