On-premises BitLocker management using System Center Configuration Manager
Update: December 2019. This guide was originally written when Microsoft were still developing Bitlocker Management integration. They have now released Microsoft Endpoint Manager Configuration Manager version 1910, with the Bitlocker Management feature integrated, I cover that in detail here.
Videos
BitLocker management – Part 1 Initial setup
BitLocker management – Part 2 Deploy portals
BitLocker management – Part 3 Customize portals
BitLocker management – Part 4
And to answer your last question:
One last question if currently all our machines have bit locker on and I add them to this new policy will it be able to pull the current in use recovery Keys or would I have to decrypt then re-encrypt?
If you have a computer that is already encrypted with Bitlocker, let's say with AES 128 (or some other encryption algorithm), and you later add this computer to your Bitlocker Management collection that has a policy targeted to it, the computer will get t