Our environment is mainly Windows 7 Ent with a few Windows 10 Ent starting to trickle in. We have MDOP MBAM 2.5 SP1 integrated with SCCM 1610. Yesterday we installed the Dec Servicing Hotfix KB3198158 which appears to have installed fine. We are now trying to change the appropriate GPO settings. From what I have read online, I believe we supposed to leave the current MBAM settings in the GPO at AES-256 for Windows 7 machines. We should enable the setting in the Bitlocker Encryption section to "Choose Drive encryption method and cipher strength (windows 1511 or later) and choose XTS-AES 256 for WIndows 10 machines that are 1511 or 1607. For some reason we are not seeing this setting under the Bitlocker Encryption section. How do we get this setting to appear? Can you please help me out?
Please let me know if you need additional information.