PowerShell Scripts to be deployed with Workspace ONE UEM Scripts to configure Bitlocker
PowerShell Scripts for Workspace ONE UEM to Configure Bitlocker
These scripts are provided 'as-is' and are not supported by VMware
They should be deployed as Workspace ONE UEM Scripts for Windows 10/11
bitlocker_cipher_strength.ps1 - Set the Encryption Cipher Strength for Bitlocker Enabled Drives (OS, Physical or Removable)
Return Type: String
Run Context: System
Usage:
Update the following lines:
$key_name = "drive-type" - Which type of drive to set the cipher value for:
$key_name = "drive-type"
Values:
OS Drive - EncryptionMethodWithXtsOs Fixed Drives - EncryptionMethodWithXtsFdv Removable Drives - EncryptionMethodWithXtsRdv
Example: $key_name = "EncryptionMethodWithXtsRdv"
$key_name = "EncryptionMethodWithXtsRdv"
$ciphervalue = "cipher-value" - The cipher value
$ciphervalue = "cipher-value"
AES-CBC 128-bit = 3 AES-CBC 256-bit = 4 XTS-AES 128-bit (default) - 6 XTS-AES 256-bit - 7
Example: $cipher = "7"
$cipher = "7"
Output:
bitlocker_encryption_type.ps1 - Set the Encryption Type for Bitlocker to go Enabled Removable Drives.
Update the following line:
$encryptionvalue = "0" - How to Encrypt Removable Drives
$encryptionvalue = "0"
Allow User To Choose (Default) - 0 Used Space Only Encryption - 3 Full Disk Encryption- 4
Example: $encryptionvalue = "4"Output:
$encryptionvalue = "4"