New-CMBLEncryptionMethodPolicy
Create a policy to configure the algorithm and cipher strength used by BitLocker Drive Encryption on Windows 8.1 devices.
Syntax
Default (Default)
New-CMBLEncryptionMethodPolicy
[-PolicyState <State>]
[-EncryptionMethod <EncryptionMethod>]
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[<CommonParameters>]
Description
Create a policy to configure the algorithm and cipher strength used by BitLocker Drive Encryption on Windows 8.1 devices. This policy is applied when you turn on BitLocker. If the drive is already encrypted, or if encryption is in progress, changing the encryption method has no effect.
For Windows 10 devices, use the New-CMBLEncryptionMethodWithXts cmdlet.
Examples
Example 1: New enabled policy with AES 256-bit encryption
This example creates a policy that's enabled and specifies AES 256-bit encryption.
New-CMBLEncryptionMethodPolicy -PolicyState Enabled -EncryptionMethod AES256
Parameters
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-EncryptionMethod
Specify one of the encryption methods for BitLocker to use when it encrypts drives. AES 128-bit (Aes128) is the default value.
Parameter properties
| Type: | EncryptionMethod |
| Default value: | None |
| Accepted values: | Aes128Diffuser, Aes256Diffuser, Aes128, Aes256 |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PolicyState
Use this parameter to configure the policy.
Enabled: If you enable this policy, use the -EncryptionMethod parameter to specify an encryption algorithm and key cipher strength. BitLocker uses these settings to encrypt drives.DisabledorNotConfigured: If you disable or don't configure this policy, BitLocker uses the default encryption method of AES 128-bit.
Parameter properties
| Type: | State |
| Default value: | None |
| Accepted values: | Enabled, Disabled, NotConfigured |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.