From 5c3c7151ab46bbb6ce2de3b1889d4a49a9b46546 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Sat, 22 Aug 2020 10:56:44 +0300
Subject: [PATCH] add note about unreachable machines on the network

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6771
---
 .../bitlocker/bitlocker-how-to-enable-network-unlock.md        | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
index a7a7e7fce7..1fe88d096c 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
@@ -309,6 +309,9 @@ To turn off the unlock server, the PXE provider can be unregistered from the WDS
 
 To update the certificates used by Network Unlock, administrators need to import or generate the new certificate for the server and then update the Network Unlock certificate Group Policy setting on the domain controller.
 
+> [!NOTE]
+> Machines that do not get the GPO will ask for the PIN when booting. In this case one needs to investigate and understand why the machine could not get the GPO and update the certificate.
+
 ## <a href="" id="bkmk-troubleshoot"></a>Troubleshoot Network Unlock
 
 Troubleshooting Network Unlock issues begins by verifying the environment. Many times, a small configuration issue will be the root cause of the failure. Items to verify include: