This setting allows you to configure the number of days that users can delay complying with MBAM policies for their operating system drive. After this grace period expires, users will not be able to postpone the required action or request an exemption from it.
The grace period begins when the operating system is first detected as noncompliant. This grace period is the same for all users of the same computer, regardless of when each user logs on. Specifying a grace period of 0 will force the encryption process to begin immediately on the operating system drive.
If the grace period expires and the operating system drive is still not compliant, users will not be presented with the option to postpone the required action or request an exemption. If the encryption process requires user input, a dialog box will appear that users cannot close until they provide the required information. Further notifications, such as error messages or encryption status, will not have the same restriction.
Specifying a grace period of 0 will enforce the policy immediately on the operating system drive.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Microsoft\FVE\MDOPBitLockerManagement |
Value Name | UseOsEnforcePolicy |
Value Type | REG_DWORD |
Enabled Value | 1 |
Disabled Value | 0 |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Microsoft\FVE\MDOPBitLockerManagement |
Value Name | OsEnforcePolicyPeriod |
Value Type | REG_DWORD |
Default Value | 0 |
Min Value | 0 |
Max Value | 730 |