In this blog post I wanted to highlight and run through the process of another blog post written by Oliver Kieselbach to be able to post provision Silent BitLocker with a TPM and PIN protector.

As I highlighted in Part 6, Silent Bitlocker only deploys with a TPM protector. Some organizations still require a PIN configuration and therefore the transition from either an On-Premises deployment of BitLocker with Group Policy, MBAM or SCCM to the Intune may prove a little more challenging and raise more questions why the functionality for the deployment of BitLocker is not exactly the same

Read this blog by Oliver Kieselbach, who explains so of the reasons behind this

To be able to set a TPM and PIN protector after BitLocker has deployed you can create download and deploy this Intune package mentioned in Oliver’s blog

SetBitLockerPin – Intune Win32 app files
https://github.com/okieselbach/Intune/tree/master/Win32/SetBitLockerPin

Simply follow the instructions on the blog post on how to prepare the package and deploy it so users will be prompted for a PIN. You will see the TPM protector get replaced by a TPM and PIN protector