From 74cbef2d123f920d044471dc437cfbac577d34a5 Mon Sep 17 00:00:00 2001 From: Maricia Alforque Date: Wed, 5 Jul 2017 20:52:51 +0000 Subject: [PATCH] Merged PR 2055: Merge maricia-12637498 to master --- windows/client-management/mdm/bitlocker-csp.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/bitlocker-csp.md b/windows/client-management/mdm/bitlocker-csp.md index 2007e89d95..24db3c3c45 100644 --- a/windows/client-management/mdm/bitlocker-csp.md +++ b/windows/client-management/mdm/bitlocker-csp.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/19/2017 +ms.date: 07/05/2017 --- # BitLocker CSP @@ -113,7 +113,10 @@ The following diagram shows the BitLocker configuration service provider in tree
  • 7 = XTS-AES 256
    • -

    If you want to disable this policy use the following SyncML:

    +> [!Note] +> When you enable EncryptionMethodByDriveType, you must specify values for all three drives (operating system, fixed data, and removable data), otherwise it will fail (500 return status). For example, if you only set the encrytion method for the OS and removable drives, you will get a 500 return status. + +

    If you want to disable this policy use the following SyncML:

    ``` syntax @@ -257,6 +260,9 @@ The following diagram shows the BitLocker configuration service provider in tree
  • 'zz' = string of max length 500.
    • +> [!Note] +> When you enable SystemDrivesRecoveryMessage, you must specify values for all three settings (pre-boot recovery screen, recovery message, and recovery URL), otherwise it will fail (500 return status). For example, if you only specify values for message and URL, you will get a 500 return status. +

    Disabling the policy will let the system choose the default behaviors. If you want to disable this policy use the following SyncML:

    ``` syntax