I am looking into deploying Bitlocker company wide here in the next few months. From the results Ive found so far it seems that controlling Bitlockers configuration via GPO is going to be the easiest. But I need some help enabling it via script pushed by the same GPO.
Either WMI or powershell, however I do prefer powershell. But here's my hangup: Not all of the hosts have TPM support, so the single script should enable BL and use TPM if present or use PIN if not.