none
Problem with Bitlocker in Windows 10 Enterprise Build 1803 RRS feed

  • Question

  • Hello!

    Problem computer in domain but Bitlocker encrypting process incorrectly starts. No such problems were in Windows 7 Enterprise and Windows 10 Enterprise Build 1703. Computer connected in network. When starts encrypting process Run Bitlocker it must ask for PIN at first, but in 1803 it don't do this but say that will prepare hard disk for Bitlocker. No Prepare shown in 1703 and Windows 7 when Run Bitlocker start process. Where is problem? If there is something configured in server and how to avoid this?

    Due this problem Bitlocker is creating one more unneeded partition!
    Friday, December 28, 2018 2:01 PM

All replies

  • See:


    How to Enable a Pre-Boot BitLocker PIN on Windows


    You can use the manage-bde command line to enable.

    manage-bde: status


    S.Sengupta,Microsoft MVP Windows and Devices for IT, Windows Insider MVP


    Saturday, December 29, 2018 2:15 AM
  • By default, no OS, no version will ever ask for a PIN.

    If you have imposed GPOs to require a pre-boot PIN, those need to be applied to 1803 as well and they will work the same way as anyone can easily prove.

    BL will always need an extra partition apart from c:, there is no way around. That has nothing to do with 1803.

    Sunday, December 30, 2018 10:01 PM
  • Hi,

     

    Asking for PIN may be due to a change in Group Policy. You could refer to the following picture to edit it through Group Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives.

     

    Regarding to the unneeded partition, please see the answer in the following link:

    https://superuser.com/questions/915238/what-is-this-recovery-partition-for-on-a-fresh-installation-of-windows

     

    Note: This is a third-party link and we do not have any guarantees on this website. And Microsoft does not make any guarantees about the content.

     

    Hope these are helpful


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 31, 2018 3:28 AM
    Moderator
  • Hi,

    Was your issue solved?

    If yes, would you like to share your solution in order that other community members could find the helpful reply quickly.

    If no, please reply and tell us the current situation in order to provide further help.

    Best


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, January 2, 2019 2:13 AM
    Moderator
  • Hello!

    Happy New Year!

    Issue is not resolved!

    I cannot understand there are computers other which has been installed with 1803 added in DOMAIN and then runnded process Turn On Bitlocker in Control Panel and computers imideality asked what PIN will be for computers. Policies are already keeped from Windows Server! The same on some other computers Turn On Bitlocker informed that there is need prepaire Disk for Bitlocker! I compared Policies directories FVE and TPM are the same and correct comparing with other computers on which Bitlocker asked aleready for PIN.

    After prepaire Hard Diks for Bitlocker system is moving Windows RE to new partition. This process was not on computers where was asked already for PIN! Yes and then asked what PIN I want to use!

    On these computers whre system don't made process Prepaire Hard Disk for Bitlocker was not and nothing was need to do and there is no need to anything in Group Policy locally!!! Nothing was need to do in 1703 and Windows 7!

    Any solutions?



    • Edited by Girtszelt Wednesday, January 2, 2019 6:54 AM
    Wednesday, January 2, 2019 6:53 AM
  • Hi,

     

    You could try entering the following command in the Command  prompt and press Enter:

    manage-bde -protectors -add C: -tpm

     

    This will reconfigure BitLocker into using just the TPM and delete the PIN as well.  

     

    Hope these are helpful.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, January 4, 2019 3:19 AM
    Moderator
  • Any other solutions when I Turn On Bitlocker it Window will ask to Enter PIN which will be daily used! I am asking because looks like it is anomaly why PIN is not asked because everything is correct!

    Before encryption run manage-bde -protectors -add C: -tpm?


    • Edited by Girtszelt Monday, January 14, 2019 2:31 PM
    Monday, January 14, 2019 2:28 PM