none
Receiving Status 500 when setting RequireDeviceEncryption RRS feed

  • Question

  • When sending policies to a Windows 10 desktop machine, they succeed except for RequireDeviceEncryption.  It returns a Status of 500.  When sending to Windows 8.1 Phones or Windows 10 Phones, this succeeds.  We are wondering if Windows 10 desktops support this policy or if something else needs done for this policy to succeed?

    Sent to device

    		<Replace> 
    			<CmdID>7</CmdID> 
    			<Item> 
    				<Target> 
    					<LocURI>./Vendor/MSFT/PolicyManager/My/Security/RequireDeviceEncryption</LocURI> 
    				</Target> 
    				<Meta> 
    					<Format xmlns="syncml:metinf">int</Format> 
    				</Meta> 
    				<Data>1</Data> 
    			</Item> 
    		</Replace> 

    Received from device
    		<Status>
    			<CmdID>8</CmdID>
    			<MsgRef>1</MsgRef>
    			<CmdRef>7</CmdRef>
    			<Cmd>Replace</Cmd>
    			<Data>500</Data>
    		</Status>


    Wednesday, July 29, 2015 8:51 PM

Answers

  • Found our issue here.  Require Device Encryption requires BitLocker before it can be enabled on Windows 10 Desktop. Once we ran through the steps of enabling this, then Require Device Encryption started returning 200s for us.

    We missed this because one documentation of the CSP does not mention BitLocker:
    https://msdn.microsoft.com/en-us/library/windows/hardware/Dn904960%28v=VS.85%29.aspx

    while another version of the CSP does mention BitLocker:
    https://msdn.microsoft.com/en-us/library/windows/hardware/Dn904962(v=VS.85).aspx

    • Marked as answer by cnogee1 Thursday, August 6, 2015 3:52 PM
    Thursday, August 6, 2015 3:52 PM