TCGSecurityActivationDisabled
Applies To: Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Vista
TCGSecurityActivationDisabled specifies whether Windows® automatically configures encrypted drives (eDrives), also known as encrypted hard disk drives (eHDDs).
TCGSecurityActivationDisabled sets the Group Policy administrative template setting: Do not automatically encrypt files moved to encrypted folders. This Group Policy setting is used after Windows is installed and started up. The setting specifies, for unprovisioned eDrives, whether security should be activated on the eDrive during provisioning. Use the DisableEncryptedDiskProvisioning unattend setting for configuring the operating system installation for the target HDD.
Note
The eDrive must be configured in the unattend file by using the settings in Microsoft-Windows-Setup\DiskConfiguration\Disk. If the drives are configured manually, then the eDrive configuration policy may not be properly configured.
Values
1 |
Specifies that Windows does not automatically encrypt eDrives. |
0 |
Specifies that Windows automatically encrypts eDrives. This is the default value. |
Valid Configuration Passes
specialize
Parent Hierarchy
Microsoft-Windows-EnhancedStorage-Adm | TCGSecurityActivationDisabled
Applies To
For a list of the Windows editions and architectures that this component supports, see Microsoft-Windows-EnhancedStorage-Adm.
XML Example
The following XML output shows how to configure Windows so that Windows does not automatically encrypt eDrives.
<TCGSecurityActivationDisabled>1</TCGSecurityActivationDisabled>
See Also
Concepts
Microsoft-Windows-EnhancedStorage-Adm
DisableEncryptedDiskProvisioning
DiskConfiguration