Resources/IntuneFiles/HardeningPolicies/BitLocker.json
|
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies/$entity", "createdDateTime": "2025-12-01T08:22:51.1590489Z", "creationSource": null, "description": "BitLocker Category", "lastModifiedDateTime": "2025-12-01T08:22:51.1590489Z", "name": "BitLocker", "platforms": "windows10", "priorityMetaData": null, "roleScopeTagIds": [ "0" ], "settingCount": 13, "technologies": "mdm", "id": "1b9608b7-0a0b-42de-acd1-51ac250aae22", "templateReference": { "templateId": "", "templateFamily": "none", "templateDisplayName": null, "templateDisplayVersion": null }, "settings": [ { "id": "0", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_policy_config_power_allowstandbystateswhensleepingonbattery", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_policy_config_power_allowstandbystateswhensleepingonbattery_0", "children": [] } } }, { "id": "1", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_policy_config_power_allowstandbywhensleepingpluggedin", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_policy_config_power_allowstandbywhensleepingpluggedin_0", "children": [] } } }, { "id": "2", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_encryptionmethodwithxtsfdvdropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_encryptionmethodwithxtsfdvdropdown_name_7", "children": [] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_encryptionmethodwithxtsosdropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_encryptionmethodwithxtsosdropdown_name_7", "children": [] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_encryptionmethodwithxtsrdvdropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_encryptionmethodbydrivetype_encryptionmethodwithxtsrdvdropdown_name_7", "children": [] } } ] } } }, { "id": "3", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_fixeddrivesencryptiontype", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_fixeddrivesencryptiontype_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_fixeddrivesencryptiontype_fdvencryptiontypedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_fixeddrivesencryptiontype_fdvencryptiontypedropdown_name_1", "children": [] } } ] } } }, { "id": "4", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesenhancedpin", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesenhancedpin_1", "children": [] } } }, { "id": "5", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesminimumpinlength", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesminimumpinlength_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesminimumpinlength_minpinlength", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "simpleSettingValue": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue", "settingValueTemplateReference": null, "value": 10 } } ] } } }, { "id": "6", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesdisallowstandarduserscanchangepin", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesdisallowstandarduserscanchangepin_1", "children": [] } } }, { "id": "7", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesencryptiontype", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesencryptiontype_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesencryptiontype_osencryptiontypedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesencryptiontype_osencryptiontypedropdown_name_1", "children": [] } } ] } } }, { "id": "8", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configurenontpmstartupkeyusage_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configurenontpmstartupkeyusage_name_0", "children": [] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configuretpmpinkeyusagedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configuretpmpinkeyusagedropdown_name_2", "children": [] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configuretpmstartupkeyusagedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configuretpmstartupkeyusagedropdown_name_2", "children": [] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configurepinusagedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configurepinusagedropdown_name_2", "children": [] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configuretpmusagedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_systemdrivesrequirestartupauthentication_configuretpmusagedropdown_name_0", "children": [] } } ] } } }, { "id": "9", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_removabledrivesconfigurebde", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_removabledrivesconfigurebde_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_removabledrivesconfigurebde_rdvallowbde_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_removabledrivesconfigurebde_rdvallowbde_name_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_removabledrivesencryptiontype", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_removabledrivesencryptiontype_1", "children": [ { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_removabledrivesencryptiontype_rdvencryptiontypedropdown_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_removabledrivesencryptiontype_rdvencryptiontypedropdown_name_1", "children": [] } } ] } } ] } }, { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_removabledrivesconfigurebde_rdvdisablebde_name", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_removabledrivesconfigurebde_rdvdisablebde_name_1", "children": [] } } ] } } }, { "id": "10", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_removabledrivesrequireencryption", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_removabledrivesrequireencryption_0", "children": [] } } }, { "id": "11", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_policy_config_admx_windowsexplorer_showhibernateoption", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_policy_config_admx_windowsexplorer_showhibernateoption_1", "children": [] } } }, { "id": "12", "settingInstance": { "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance", "settingDefinitionId": "device_vendor_msft_bitlocker_requiredeviceencryption", "settingInstanceTemplateReference": null, "auditRuleInformation": null, "choiceSettingValue": { "settingValueTemplateReference": null, "value": "device_vendor_msft_bitlocker_requiredeviceencryption_1", "children": [] } } } ] } |