none
Cannot enable Bitlocker on after replacing OS RRS feed

  • Question

  • I reinstalled Windows 10 after replacing the factory installed spinning hard drive with a SSD. I had previously been able to encrypt the hard drive with BitLocker. When I attempt to enable BitLocker on the SSD however I get a message stating "The startup options on this PC are configured incorrectly. Contact your system administrator for more information.

    I appreciate anyone's thoughts on what might be wrong.

    Thanks,

    Ed

    Thursday, June 28, 2018 11:13 PM

All replies

  • Hi!

    You could check the Local Group Policy if the following is enabled:

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives

    Setting: Enable use of BitLocker authentication requiring preboot keyboard has to be enabled In Group Policy

    Enable it, then open up a command prompt and run a gpupdate /force


    See if this helps.


    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    Thursday, June 28, 2018 11:24 PM
  • Hi ED,

    From my search, some users fix the same issue by enabling Enable use of BitLocker authentication requiring preboot keyboard input on slates in GPO.  This must be enabled on tablet type devices if you want to force a pin input.

    This GPO is located in Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives

    Regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, June 29, 2018 1:26 AM
    Moderator
  • We have not heard from you in a couple of days. Please post back at your convenience if we can assist further.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, July 6, 2018 9:08 AM
    Moderator
  • Thanks for everyone's assistance. Changing the local policy did allow me to get further. Now however I get a message stating that my device can't use a Trusted Platform Module. I know the device has one. Do I need to contact the device manufacturer?
    Friday, July 13, 2018 6:18 PM
  • Please enable this GPO and retry:

    open gpedit.msc -> computer configuration/Administrative Templates/Windows Components/BitLocker Drive Encryption/Operating System DrivesEnable use of BitLocker authentication requiring preboot keyboard input on slates – ->Enabled

    Monday, October 8, 2018 9:57 AM