ace_ventura Posted September 29, 2020

We use SCCM and MDT at the present time, have not migrated to SCCM task sequences yet for OSD, just using MDT. (We need to deploy machines to three different domains depending on the PC and point to two different management points, and I haven't figured out how to create the task sequences to do this at this time.) We do deploy the SCCM client as an application in the MDT sequences so that the machines are managed in SCCM. (We currently use SCCM for patching, package and application deployments and soon BitLocker and Defender.) We followed the steps to implement BitLocker in SCCM from this article: https://msendpointmgr.com/2020/04/02/goodbye-mbam-bitlocker-management-in-configuration-manager-part-3/

It explains how to set this up in an SCCM task sequence but I'm having a hard time getting it working in an MDT sequence. The MDT sequence doesn't have a pre-provision BitLocker step. Does anyone know how to do the BitLocker SCCM setup stuff from that article in an MDT task sequence?

anyweb Posted September 30, 2020

For this to work you'll need the ConfigMgr client agent installed on the computers. Will it be?

ace_ventura Posted September 30, 2020

Yes, it will be.

anyweb Posted October 1, 2020

Then as long as the computer gets the ConfigMgr client agent and BitLocker Management policy, it will get encrypted as per your policy. Do you want to encrypt during OSD? If so please review

If you can't use pre-prov during an MDT task sequence then you'll have to use the Enable BitLocker step in MDT to encrypt your devices.

ace_ventura Posted October 1, 2020

OK, I was confused since there was no pre-provision step in MDT like there is in an SCCM TS. I followed your guide, put the reg key for the XTS step before the first BitLocker step in the MDT TS and then again later in the TS, and it appears to be working! I can't get it to escrow the key in AD even though I told MDT to do so; it just puts a txt file at the root of C.
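
A post-deployment check for the outcome described in the last post, added here as an example and not written by anyone in the thread: it confirms the volume uses an XTS method, escrows the recovery password to AD DS, and flags any clear-text recovery password left at the root of the drive. It assumes C: is the OS volume, the machine is domain-joined, policy permits storing recovery information in AD DS, and the session is elevated.

```powershell
#Requires -RunAsAdministrator
# Added example: verify the OS volume after the MDT Enable BitLocker step.
# Assumptions: C: is the OS volume, the machine is domain-joined, and policy
# permits storing BitLocker recovery information in AD DS.
$mount = 'C:'
$vol = Get-BitLockerVolume -MountPoint $mount

# 1. Confirm the cipher that the XTS registry setting was meant to select.
"{0} status={1} method={2} protection={3}" -f $mount, $vol.VolumeStatus,
    $vol.EncryptionMethod, $vol.ProtectionStatus
if ($vol.EncryptionMethod -notlike 'XtsAes*') {
    Write-Warning "Volume is not using an XTS-AES method."
}

# 2. Escrow every recovery password protector to AD DS.
$recovery = @($vol.KeyProtector |
    Where-Object KeyProtectorType -eq 'RecoveryPassword')
if (-not $recovery) {
    Write-Warning "No recovery password protector on $mount."
}
foreach ($kp in $recovery) {
    try {
        Backup-BitLockerKeyProtector -MountPoint $mount `
            -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
        "Escrowed protector $($kp.KeyProtectorId) to AD DS"
    } catch {
        Write-Warning "AD escrow failed: $($_.Exception.Message)"
    }
}

# 3. Flag clear-text copies of a recovery password at the volume root.
# A recovery password is 48 digits in eight groups of six.
$pattern = '\b(\d{6}-){7}\d{6}\b'
Get-ChildItem -Path "$mount\" -Filter *.txt -File -Force -ErrorAction SilentlyContinue |
    Where-Object { Select-String -Path $_.FullName -Pattern $pattern -Quiet } |
    ForEach-Object {
        Write-Warning "Recovery password in clear text: $($_.FullName)"
    }
```

Once the protector is confirmed in AD DS, delete any file the third step reports, since anyone who can read that file can unlock the volume.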