April 25th, 2025
Improved

This update revamps the Windows Device Lock/Unlock process. Key points:
Device Locking Mechanism: The feature addresses the need for a robust device locking mechanism on Windows machines. It aims to lock devices at the system level rather than just individual user accounts, ensuring that even domain users are locked out when the device is locked.
TPM and Non-TPM Devices: The implementation considers both TPM-enabled and non-TPM devices. For TPM-enabled devices, the TPM protector is removed, prompting the user to enter a recovery key upon reboot. For non-TPM devices, the password protector is removed, achieving the same effect.
Encryption and Recovery: The device will not be fully encrypted when the lock command is issued. Encryption resumes after entering the recovery key on the next reboot. A callback for the PIN (recovery key) is added, and a device unlock command is sent to stop asking for the recovery key on reboot.
Implementation Details: The implementation involves changes to the BitLocker management process, ensuring that the device lock and unlock commands are handled efficiently and securely.
This feature enhances the security and management capabilities of Windows devices within the Swif platform, providing a more comprehensive device lock solution for enterprise environments. For details, please visit Windows Device Lock/Unlock Behavior with BitLocker Policies.
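A read-only way to check on an endpoint which of the states described above the OS volume is in, as an added example (not Swif's code). It assumes the lock works purely by removing the TPM or password protector, as this note states; the function name and state labels are this example's own.

```powershell
# Added example: classify the OS volume's BitLocker state from its key protectors.
# 'Locked', 'Normal', etc. are labels made up for this example, not Swif terminology.
function Get-LockStateFromProtectors {
    param(
        [string[]]$ProtectorTypes,   # KeyProtectorType names, e.g. 'Tpm', 'RecoveryPassword'
        [bool]$HasTpm                # $true on TPM-enabled devices
    )
    $hasRecovery = $ProtectorTypes -contains 'RecoveryPassword'

    # The protector the lock removes: TPM-based on TPM devices, 'Password' otherwise.
    $hasPrimary = if ($HasTpm) {
        [bool]($ProtectorTypes | Where-Object { $_ -like 'Tpm*' })
    } else {
        $ProtectorTypes -contains 'Password'
    }

    if (-not $hasRecovery -and -not $hasPrimary) { return 'NoUsableProtector' }
    # Without a recovery password, removing the primary protector leaves no way back in.
    if (-not $hasRecovery) { return 'NormalButNoRecoveryKey' }
    if ($hasPrimary)       { return 'Normal' }
    return 'Locked'        # next boot will ask for the recovery key
}

# Constructed samples (not captured from a real device).
Get-LockStateFromProtectors -ProtectorTypes 'Tpm', 'RecoveryPassword' -HasTpm $true
Get-LockStateFromProtectors -ProtectorTypes 'RecoveryPassword' -HasTpm $true
Get-LockStateFromProtectors -ProtectorTypes 'Password' -HasTpm $false

# Live check: run elevated on the managed device; skipped where BitLocker cmdlets are absent.
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    $vol   = Get-BitLockerVolume -MountPoint $env:SystemDrive
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })
    $tpm   = [bool](Get-Tpm).TpmPresent

    [pscustomobject]@{
        MountPoint       = $vol.MountPoint
        VolumeStatus     = $vol.VolumeStatus
        ProtectionStatus = $vol.ProtectionStatus
        Protectors       = $types -join ','
        LockState        = Get-LockStateFromProtectors -ProtectorTypes $types -HasTpm $tpm
    }
}
```

A result of `NormalButNoRecoveryKey` before a lock is issued is the case to fix first, since the recovery key is the only way to unlock the device afterwards.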