OSD Problems with a client with Bit Locker enabled
Hi:
We have SCCM 2007 SP2 R2 in a box with W2008 R2 x64. Native Mode.
I have a TS that works well in replace and bare metal pxe scenaries.
Now, I have a sccm client that has bit locker enabled (TPM+PIN, recovery key on ADDS). When I advertised the TS to replace the OS, the TS was returning this error just before restart to boot on WINPE with my boot image:
"<![LOG[Deleting a pause cookie from registry key HKLM\Software\Microsoft\SMS\Task Sequence\System Health Agent]LOG]!><time="14:37:07.789+000" date="11-23-2009" component="TSManager" context="" type="1" thread="692" file="utils.cpp:2778">
<![LOG[kTaskSequence.DeleteValue(sComponent.c_str()), HRESULT=80070002 (e:\nts_sms_fre\sms\framework\tscore\utils.cpp,2782)]LOG]!><time="14:37:07.789+000" date="11-23-2009" component="TSManager" context="" type="0" thread="692" file="utils.cpp:2782">
<![LOG[Failed to delete registry value HKLM\Software\Microsoft\SMS\Task Sequence\System Health Agent. Error code 0x80070002]LOG]!><time="14:37:07.789+000" date="11-23-2009" component="TSManager" context="" type="2" thread="692" file="utils.cpp:2782">
<![LOG[Opening the task sequence key HKLM\Software\Microsoft\SMS\Task Sequence]LOG]!><time="14:37:07.789+000" date="11-23-2009" component="TSManager" context="" type="1" thread="692" file="utils.cpp:2920">
<![LOG[Deleting the access handle from registry key HKLM\Software\Microsoft\SMS\Task Sequence\Active Request Handle]LOG]!><time="14:37:07.789+000" date="11-23-2009" component="TSManager" context="" type="1" thread="692" file="utils.cpp:2926">
<![LOG[Stopping Task Sequence Manager service]LOG]!><time="14:37:08.148+000" date="11-23-2009" component="TSManager" context="" type="1" thread="692" file="tsmanager.cpp:487">"
As a work around, I configured Bit Locker with Suspend Protection. Now, the client can boot in WINPE but when the TS is going to format and partition the disk, this error appears:
"The task sequence execution engine failed executing the action (Partition Disk) in the group (Install Operating System) with the error code 2148270085
Action output: ss paths
Found a VDS pack
Querying for IVdsPack
Querying for volumes
Found a VDS volume
Querying for IVdsVolumeMF
Querying for access paths
Found a volume with access path 'D:\'
Querying for IVdsVolume
Querying for IVdsVolumeMF
Checking volume 'E:' for BitLocker
Checking volume 'X:' for BitLocker
Command line for extension .exe is "%1" %*
Set command line: "X:\windows\system32\diskpart.exe" /s "X:\windows\TEMP\osddiskpart.txt"
Executing command line: "X:\windows\system32\diskpart.exe" /s "X:\windows\TEMP\osddiskpart.txt"
Process completed with exit code 2148007941
0, HRESULT=800c0005 (e:\nts_sms_fre\sms\client\osdeployment\osddiskpart\main.cpp,1456)
diskpart script: ?????????????????????????????????
Diskpart.exe STDOUT:
Microsoft DiskPart version 6.1.7600
Copyright (C) 1999-2008 Microsoft Corporation.
On computer: MININT-ARRQLNF
Diskpart.exe STDERR:
Diskpart.exe failed (2148007941). Script file, stdout, and stderr saved in TS log directory.
OSDDiskPart.exe failed: 0x800c0005."
And in adittion:
"The task sequence manager could not successfully complete execution of the task sequence. A failure exit code of 16389 was returned."
I have doubts about OSD with a client with Bit Locker enabled. And I can't find an answer to these errors.
Do you know what I can do to fix my issue?
Is it supported what I'm trying to do?
Thanks in advance for your answers.
Best Regards,
Todas las respuestas
- Good morning People.
I have news. After the last error, the computer's OS wasn't working. So, I tried via PXE and it seems to be working.
Had Anyone faced this problem?
Thanks,
- Hello:
Yesterday, I installed a computer, enabled Bit Locker and tried to replace the operating system with a SCCM Task Sequence. I had no success with that.
So, I tried with PXE and I got an error when the task sequence was formating the disk: "OSDDiskPart.exe failed: 0x800c0005". After that, the OS installation crashed and the disk, I think, was in the middle of the format.
I tried again with PXE and the Task Sequence installed the computer successfully.
I need to know If it's supported what I'm trying to do: Reinstalling automatically a computer with Bit Locker enabled. ¿?
Any idea about my problem?
If you need details, let me know.
Thanks in advance people.
Regards, - have a read of this, does it help ?
http://technet.microsoft.com/en-us/library/bb632526.aspx
my SCCM step by step Guides > http://www.windows-noob.com/forums/index.php?showtopic=1064 - Hi Niall:
Thanks for the doc.
Yes, I had read that doc but I can't use it because with the Task Sequence I'm not able to configure TPM+PIN.
So, I have Bit Locker enabled with other procedure, the problem is when I want to reinstall the computer with Bit Locker enabled.
Do you understand?
Thanks, - try this
During the Install phase, directly after the "Restart to Windows PE" task, add an additional "Format and Partition Disk" task and add a condition so that it will only run if Bitlocker was detected during the State Capture phase
my SCCM step by step Guides > http://www.windows-noob.com/forums/index.php?showtopic=1064
