none
BitLocker TPM Issue

    Question

  • Hi all,

    Having a bit of an issue with enabling BitLocker on Windows 8 Enterprise, I have a HP EliteBook 8760w with the Infinion TPM. When trying to enable BitLocker I get the following error message: 'The Trusted Platform Module (TPM) on this computer doesn't work with the current BIOS. Contact the computers manufacturer for BIOS upgrade instructions.', I am running the latest BIOS for the system and I have reset and taken ownership of the TPM.

    The really odd part is I have been running Windows 8.1 Enterprise on this laptop previously and was able to activate BitLocker without an issue.

    Any help would be appreciated.

    Thanks

    Greg

    Wednesday, August 21, 2013 10:19 PM

Answers

  • Hi,

    I resolved the issue by reinstalling Windows 8 Enterprise with out UEFI enabled, it would appear that HPs UEFI does not play well with TPM/BitLocker on older machines (2011 EliteBook Workstation). Unfortunately it is a requirement for me to use the TPM with BitLocker.

    Greg

    Friday, August 23, 2013 10:27 AM

All replies

  • Hi,

    Firstly, please  try the method below to check the TPM status on your machine.

    Click on Start --> Type "tpm.msc" --> Press Enter. This will open the Trusted Platform Module manager.

    When you are working with the Trusted Platform Module Management console, you should note the TPM status and the TPM manufacturer information. The TPM status indicates the exact state of the TPM. The TPM manufacturer information shows whether the TPM supports specification version 1.2. Support for TPM version 1.2 or later is required.

    BitLocker supports TPM version 1.2. BitLocker does not support previous versions of TPMs. Version 1.2 TPMs provide increased standardization, security enhancement, and improved functionality over previous versions. In addition, you must use a Microsoft-provided TPM driver. To check the TPM driver provider, click Start, type devmgmt.msc in the Search programs and files box, and then press ENTER to open Device Manager. Right-click the TPM, and click Properties. Click the Driver tab, and verify that the Driver Provider field displays Microsoft.

    Thursday, August 22, 2013 8:51 AM
    Moderator
  • Hi Roger,

    The TPM is version 1.2 and the laptop in question has had BitLocker enabled previously, this was while running Windows 8.1 Enterprise. I have since reset the TPM and formatted the HDD and installed Windows 8 Enterprise, it is now that I am having the issues with the error message stating that the BIOS and TPM are not compatible.

    I cannot see why the TPM and BIOS would work fine under Win 8.1 Ent and not under Win 8 Ent. Have there been any major changes to BitLocker or the way TPMs are access in Windows 8.1?

    Greg

    Thursday, August 22, 2013 9:44 AM
  • Hi,

    1. You can refer to the link below for more details about the new functhion of Bitlocker in Windows 8.1.

    http://technet.microsoft.com/en-us/library/dn306081.aspx

    2. Please try the method of the link below to fix your problem.

    http://www.wave.com/support/trusted-platform-module-tpm-disabled-unavailable-or-locked-1

    3. if the problem presists, you can use the workaround method to encrypt your drive by Bitlocker without TPM.

    http://rics.partners.org/show_article.php?id=274

    Friday, August 23, 2013 3:04 AM
    Moderator
  • Hi,

    I resolved the issue by reinstalling Windows 8 Enterprise with out UEFI enabled, it would appear that HPs UEFI does not play well with TPM/BitLocker on older machines (2011 EliteBook Workstation). Unfortunately it is a requirement for me to use the TPM with BitLocker.

    Greg

    Friday, August 23, 2013 10:27 AM
  • I ignored this entry in the Google search page because this was a 5 year post.

    I can tell you that this is still relevant as I was updating an 2560p with exactly the same issue even with the latest 2018 BIOS found at https://support.hp.com/sg-en/document/c05869091

    In such case, TPM was not fully functional and BitLocker cannot save the decryption key to TPM. The error I got was "tcg event log is empty or cannot be read" at tpm.msc.

    So forget about it, UEFI/GPT style booting on similar models do not work well with TPM/BitLocker even with the latest BIOS/OS.

    I disabled UEFI and installed Windows 10 1803 on MBR booting, TPM doesn't complain on tpm.msc and BitLocker works beautifully. Much time wasted on this old model which did not fully support TPM on UEFI booting. On newer models though, UEFI works beautifully with TPM and BitLocker.


    • Proposed as answer by chanchan Friday, May 18, 2018 7:15 AM
    • Edited by chanchan Friday, May 18, 2018 7:20 AM Clarity
    Friday, May 18, 2018 7:14 AM