PreventDeviceEncryption

Applies To: Windows Server 2012

PreventDeviceEncryption prevents encrypting the operating system drive and any fixed data drive using Windows BitLocker Drive Encryption. Device encryption is a feature available on Windows 8.1 PCs that supports InstantGo. When a user boots the PC for the first time and goes through the out-of-the-box experience, device encryption, on initialization, will automatically encrypt the operating system drive and any fixed data drive using BitLocker.

Use this setting to prevent device encryption from automatically encrypting the operating system drive and any fixed data drive using BitLocker.

Note

These settings only apply to Windows 8.

Values

false

Automatically encrypt the operating system drive and any fixed data drive using BitLocker.

This is the default value.

true

Do not automatically encrypt the operating system and any fixed data drive using BitLocker.

Valid Configuration Passes

offlineServicing

specialize

auditSystem

oobeSystem

Parent Hierarchy

Microsoft-Windows-SecureStartup-FilterDriver | PreventDeviceEncryption

Applies To

For a list of the Windows editions and architectures that this component supports, see Microsoft-Windows-SecureStartup-FilterDriver.

XML Example

The following example configures Windows 8.1 to not automatically encrypt the operating system drive and any fixed data drive using BitLocker when the PC first boots.

<component name="Microsoft-Windows-SecureStartup-FilterDriver" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
      <PreventDeviceEncryption>true</PreventDeviceEncryption>
</component

See Also

Concepts

Microsoft-Windows-SecureStartup-FilterDriver