DeJeon Jones Posted August 6, 2019 Report Share Posted August 6, 2019 Hey guys so i'm having a bit of troubles getting BitLocker to enable on first login. I'm currently using this script which I found here on Smart Deploy "manage-bde.exe -on C : -RecoveryPassword -SkipHardwareTest" We have setup the group policy, and I have made sure that TPM is enabled in the machines BIOS, but it doesn't seem to want to enable BitLocker. When I take that script and try to run it manually to see if its running into any issues, and i do get something back, I have attached an image. So i'm wondering if there is something wrong with the cmd line. I'm wondering if there is different script I should use to get it to start the encryption and store the key to AD. Thanks for the help guys! Link to comment Share on other sites More sharing options...
SmartDeploySupport Posted August 6, 2019 Report Share Posted August 6, 2019 Looks like you're using Windows 10 1607? Perhaps the command is different in that old version?... manage-bde /on /? Is the option -RecoveryPassword or -Password ? In newer versions of Windows 10, it's -RecoveryPassword Link to comment Share on other sites More sharing options...
DeJeon Jones Posted August 6, 2019 Author Report Share Posted August 6, 2019 2 minutes ago, SmartDeploySupport said: Looks like you're using Windows 10 1607? Perhaps the command is different in that old version?... manage-bde /on /? Is the option -RecoveryPassword or -Password ? In newer versions of Windows 10, it's -RecoveryPassword Correct we are using Enterprise 1607. When I run that command it does give both -RecoveryPassword and -Password in the list Link to comment Share on other sites More sharing options...
SmartDeploySupport Posted August 6, 2019 Report Share Posted August 6, 2019 Oh, probably TPM related... it's asking for a StartupKey or Password because it can't use the TPM. Can you verify the TPM is functional in tpm.msc? Link to comment Share on other sites More sharing options...
DeJeon Jones Posted August 6, 2019 Author Report Share Posted August 6, 2019 3 minutes ago, SmartDeploySupport said: Oh, probably TPM related... it's asking for a StartupKey or Password because it can't use the TPM. Can you verify the TPM is functional in tpm.msc? Hmm, It stats that a compatible TPM cannot be found. I have verified that TPM 1.2 is Enabled in the bios, but it still does not see the TPM. Link to comment Share on other sites More sharing options...
jonaswest_bnv Posted August 9, 2019 Report Share Posted August 9, 2019 I think thats GPO related, you have to enable the use of TPM without additional PIN. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now