Jump to content

Recommended Posts

Hey guys so i'm having a bit of troubles getting BitLocker to enable on first login. I'm currently using this script which I found here on Smart Deploy "manage-bde.exe -on C : -RecoveryPassword -SkipHardwareTest" 

We have setup the group policy, and I have made sure that TPM is enabled in the machines BIOS, but it doesn't seem to want to enable BitLocker. 

When I take that script and try to run it manually to see if its running into any issues, and i do get something back, I have attached an image. 

So i'm wondering if there is something wrong with the cmd line. I'm wondering if there is different script I should use to get it to start the encryption and store the key to AD.

Thanks for the help guys!

1st Error.PNG

Link to comment
Share on other sites

2 minutes ago, SmartDeploySupport said:

Looks like you're using Windows 10 1607?  Perhaps the command is different in that old version?...

manage-bde /on /?

Is the option -RecoveryPassword or -Password ?  In newer versions of Windows 10, it's -RecoveryPassword

Correct we are using Enterprise 1607. When I run that command it does give both -RecoveryPassword and -Password in the list

Link to comment
Share on other sites

3 minutes ago, SmartDeploySupport said:

Oh, probably TPM related... it's asking for a StartupKey or Password because it can't use the TPM.  Can you verify the TPM is functional in tpm.msc?

Hmm, It stats that a compatible TPM cannot be found. I have verified that TPM 1.2 is Enabled in the bios, but it still does not see the TPM.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...