Policy

Reset platform validation data after BitLocker recovery

This policy setting allows you to control whether or not platform validation data is refreshed when Windows is started following BitLocker recovery. If you enable this policy setting, platform validation data will be refreshed when Windows is started following BitLocker recovery. If you disable this policy setting, platform validation data will not be refreshed when Windows is started following BitLocker recovery. If you do not configure this policy setting, platform validation data will be refreshed when Windows is started following BitLocker recovery.

Policy
Pack Microsoft Windows
Category Windows Components / BitLocker Drive Encryption / Operating System Drives
Policy ID fb06c7f2805b
Internal name TPMAutoReseal_Name

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\FVE\TPMAutoReseal (enabled) = 1
HKLM\Software\Policies\Microsoft\FVE\TPMAutoReseal (disabled) = 0

Policy notes

This policy setting allows you to control whether or not platform validation data is refreshed when Windows is started following BitLocker recovery. If you enable this policy setting, platform validation data will be refreshed when Windows is started following BitLocker recovery. If you disable this policy setting, platform validation data will not be refreshed when Windows is started following BitLocker recovery. If you do not configure this policy setting, platform validation data will be refreshed when Windows is started following BitLocker recovery.

Related policies

Allow devices compliant with InstantGo or HSTI to opt out of pre-boot PIN.Allow enhanced PINs for startupAllow network unlock at startupAllow Secure Boot for integrity validationChoose how BitLocker-protected operating system drives can be recoveredConfigure minimum PIN length for startupConfigure pre-boot recovery message and URL