Encrypt devices reporting -2016281112 (Remediation failed)

A friend in the community asked if I had see the following error before in Intune. The dreaded -2016281112 (Remediation failed) error for BitLocker encryption.


It’s pretty generic, but I asked him to take a look at the BitLocker event logs and dig further. Off he went and he kept digging and scratching for a while.

Eventually, he came back and told me that the devices supplied to them were already encrypted with the XTS-AES 128-bit  algorithm and the policy set in Intune for Windows Encryption had been configured for XTS-AES 256-bit. Unfortunately, you can’t just switch algorithm, the devices need to be decrypted and then set to 256 for encryption.

Rather than do this, they accepted the default and set the Configure encryption methods setting to Not Configured.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s