Removing ADE v1.1
Azure Disk Encryption leverages BitLocker to provide full disk encryption on Azure virtual machines running Windows. This solution is integrated with Azure Key Vault to manage disk encryption keys and secrets in your key vault subscription.
There are two versions of the extension schema for Azure Disk Encryption (ADE):
- v2.2 - A newer recommended schema that does not use Azure Active Directory (AAD) properties.
- v1.1 - An older schema that requires Azure Active Directory (AAD) properties.
Under certain conditions, such as migration, v1.1 encryption needs to be removed and later reinstated using v2.2. The script below removes the encryption, readying the server for migration or modification:
```powershell
# Name of the VM whose v1.1 encryption is being removed
$VMName = "Virtual-Machine-Name"
$VM = Get-AzVM -Name $VMName

# View current disk encryption status
Get-AzVmDiskEncryptionStatus -ResourceGroupName $VM.ResourceGroupName -VMName $VM.Name

# Remove disk encryption
Disable-AzVMDiskEncryption -ResourceGroupName $VM.ResourceGroupName -VMName $VM.Name
```
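
A guarded version of the same procedure, as an added example that is not part of the original page: it confirms the installed extension is on the v1.x schema, captures the Key Vault references so encryption can be reinstated afterwards, then disables encryption and reports the status before and after. The function name `Remove-AdeV1Encryption` and the resource group and VM names in the final comment are assumptions.

```powershell
# Added example (not from the original page). Requires the Az.Compute module and a signed-in session.
function Remove-AdeV1Encryption {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $ResourceGroupName,
        [Parameter(Mandatory)] [string] $VMName
    )

    # Fetch by resource group so the Extensions collection is populated.
    $vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName -ErrorAction Stop

    # Locate the Windows ADE extension and read its schema version.
    $ade = $vm.Extensions | Where-Object {
        $_.Publisher -eq 'Microsoft.Azure.Security' -and
        $_.VirtualMachineExtensionType -eq 'AzureDiskEncryption'
    }
    if (-not $ade) { throw "No AzureDiskEncryption extension found on $VMName." }
    if ($ade.TypeHandlerVersion -notlike '1.*') {
        throw "Extension schema is $($ade.TypeHandlerVersion), not v1.1; aborting."
    }

    # Capture the current status and Key Vault references before decrypting;
    # they are needed to reinstate encryption with the newer schema later.
    $before = Get-AzVmDiskEncryptionStatus -ResourceGroupName $ResourceGroupName -VMName $VMName
    $os     = $before.OsVolumeEncryptionSettings

    if ($PSCmdlet.ShouldProcess($VMName, 'Disable Azure Disk Encryption on all volumes')) {
        Disable-AzVMDiskEncryption -ResourceGroupName $ResourceGroupName -VMName $VMName `
            -VolumeType All -Force | Out-Null
    }

    $after = Get-AzVmDiskEncryptionStatus -ResourceGroupName $ResourceGroupName -VMName $VMName

    # Return a record that can be stored with the migration change ticket.
    [pscustomobject]@{
        VMName           = $VMName
        ExtensionVersion = $ade.TypeHandlerVersion
        KeyVaultId       = $os.DiskEncryptionKey.SourceVault.Id
        SecretUrl        = $os.DiskEncryptionKey.SecretUrl
        KeyEncryptionKey = $os.KeyEncryptionKey.KeyUrl     # empty when no KEK is used
        OsBefore         = $before.OsVolumeEncrypted
        DataBefore       = $before.DataVolumesEncrypted
        OsAfter          = $after.OsVolumeEncrypted
        DataAfter        = $after.DataVolumesEncrypted
    }
}

# Placeholder names; run with -WhatIf first to see the checks without decrypting.
# Remove-AdeV1Encryption -ResourceGroupName 'Resource-Group-Name' -VMName 'Virtual-Machine-Name' -WhatIf
```

Until encryption is reinstated, the VM's disks are no longer protected by BitLocker, so the returned record is also the checklist for confirming that both volumes report as encrypted again after the migration.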