Microsoft
Microsoft
Microsofthello Manoj,
Then is no outlined migration strategy that I am aware of, however I can share some tips below.
Within Intune, it is encouraged to utilize the device configuration profile to apply encryption settings to your devices. Here is documentation that outlines this process: https://docs.microsoft.com/en-us/mem/intune/protect/encrypt-devices#:~:text=The%20BitLocker%20profile%20in%20Endpoint%20security%20is%20a,profile%20for%20endpoint%20protection%20for%20Windows%2010%20BitLocker.
For devices that are currently encrypted with MBAM and want to save the key to Azure AD, I would recommend using the below PS example to backup the key to Azure AD. Documentation is found here: https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises
Add-BitLockerKeyProtector -MountPoint "C:" -RecoveryPasswordProtector
$BLV = Get-BitLockerVolume -MountPoint "C:"
BackupToAAD-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $BLV.KeyProtector[0].KeyProtectorId
Also please remember to uninstall the MBAM agent so that there are no conflicts with escrowing or rotating the key. I hope this helps!
