SCCM | Configuration Manager | Intune | Windows Forums

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members. Please post your questions in the correct category.

NEW Windows 11 - bitlocker force removable device to be encrypted


Hi all,

I have some computers fully managed by Intune and encrypted by bitlocker.
Since I have started my windows 11 deployment I encounter a weird behavior with removable devices and bitlocker. Now, it is mandatory to encrypt usb key/removable device before to use it. It is/was not the case with my windows 10 computers.
Do someone can confirm me that this new behavior is normal woth windows11? Can we disable it ?
I have a temporary workaround that set a value in the registry but Intune policy overwrite it regularly.

As a remember :
Context : intune/bitlocker/windows11/removable devices

Thank you all,


I currently have a similar issue except my MECM is not co-managed. I have one policy that that encrypts the OS and any fixed drives that works fine. I created another policy that adds the removable drive encryption to it. On the this one, OS and fixed drives encrypt but when inserting a USB drive no encryption pop-up? Is there something I'm missing. Forgot to mention, I'm using 2207 and Windows 10 22H2 - maybe should be moved to a new or different thread?


  • Setup_Cipher.JPG
    40.2 KB · Views: 0
  • Rem_Drive_A.JPG
    48.8 KB · Views: 0
  • Rem_Drive_B.JPG
    24.1 KB · Views: 0
Last edited: