none
Windows 10 Bitlocker encryption & Dell Latitude 7480's. RRS feed

  • Question

  • We're trying to install Microsoft Bitlocker encryption on some Dell Latitude 7480's with both Windows 10 Enterprise 64  bit 1607 & 1703.  They have the latest bios update 1.4.6 on May 31 but a Microsoft error comes up - Bitlocker could not be enabled.  The Bitlocker encryption key cannot be obtained from the Trusted Platform module (TPM).  C: drive was not encrypted.  Has anyone else seen this?
    Wednesday, June 7, 2017 8:18 PM

Answers

All replies

  • Type the following command:

    tpm.msc

    What do you see?

    Also make sure your BIOS is updated.


    S.Sengupta, Windows Insider MVP


    Thursday, June 8, 2017 2:03 AM
  • Hi ,

    I found some similar cases from DELL and Lenovo forum. Both of them indicates that replace or swap the motherboard will fix this issue. It could be caused by a faulty TPM. So, I suggest you contact DELL support to confirm that as you are using Dell Latitude 7480.
    https://forums.lenovo.com/t5/ThinkCentre-A-E-M-S-Series/Win-10-and-Bitlocker-on-M700/td-p/3318974
    http://en.community.dell.com/support-forums/security/f/5053/t/19988374
    NOTE: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites.

    Best regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by MikeK321 Thursday, July 6, 2017 12:26 PM
    Thursday, June 8, 2017 6:47 AM
    Moderator
  • When I go into TPM.msc I get a message saying the TPM is active but with reduced functionality.  Here's a screenshot

    TPM screenshot


    • Edited by MikeK321 Friday, June 9, 2017 8:13 PM
    Thursday, June 8, 2017 11:58 AM
  • I have contacted Microsoft there's something going on in that Microsoft is using a TPM 2.0 driver from 2006.  I'm thinking its a Dell bios configuration issue.  When the laptops come in we need to be able to pxe boot each laptop to our sccm 2016 server.  We have to turn off secure boot & UEFI mode and put the laptop in legacy mode.  Once we do that we can install Windows 10.  Once 10 is installed in order to do Bitlocker we have to go back into the Bios turn on UEFI & SecureBoot.  I did that with the the Latitude 7480 and now the hard drive is not booting up after doing all that work.  There are so many configuration options between the Dell Bios & using Bitlocker.


    • Edited by MikeK321 Thursday, June 8, 2017 1:56 PM edited
    Thursday, June 8, 2017 11:59 AM
  • You can probably close this. We need to resolve this with Dell. Its a bios config issue between UEFI and legacy booting.
    • Proposed as answer by -Mr Happy- Friday, June 9, 2017 8:50 PM
    • Marked as answer by MikeK321 Tuesday, June 13, 2017 3:40 PM
    Friday, June 9, 2017 8:14 PM
  • Hi ,

    Hope Dell have more resource to help you. Now, please "mark it as answer" to close the case and it will help other community members who have similar issues find the helpful information quickly, give them some hints.

    Best regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, June 13, 2017 10:11 AM
    Moderator
  • Can you make sure that imaging was done via UEFI mode only. Because TPM 2.0 support only UEFI. 

    Before imaging make sure UEFI mode is set in BIOS and Legacy & Secure boot is Off. 

    Thursday, July 6, 2017 9:13 AM
  • I have contacted Microsoft there's something going on in that Microsoft is using a TPM 2.0 driver from 2006.  I'm thinking its a Dell bios configuration issue.  When the laptops come in we need to be able to pxe boot each laptop to our sccm 2016 server.  We have to turn off secure boot & UEFI mode and put the laptop in legacy mode.  Once we do that we can install Windows 10.  Once 10 is installed in order to do Bitlocker we have to go back into the Bios turn on UEFI & SecureBoot.  I did that with the the Latitude 7480 and now the hard drive is not booting up after doing all that work.  There are so many configuration options between the Dell Bios & using Bitlocker.


    This is exactly our issue! Did you ever get this resolved?

    http://about.me/mikevirata

    Thursday, October 12, 2017 6:23 PM
  • I know this is an old thread but I stumbled on this thread prior to one that contained the solution and wanted to link that here.

    https://social.technet.microsoft.com/Forums/Lync/en-US/7a1e40af-27b3-4610-9907-0138c6381c27/an-error-occurred-while-applying-mbam-policies?forum=win10itprosecurity

    https://social.technet.microsoft.com/Forums/office/en-US/ba4ce501-c3fa-40bf-8db1-c3422a5dfc0a/event-id-2-the-system-cannot-find-the-file-specified?forum=mdopmbam

    On the problem client, do the following

    • Open an elevated command prompt, Run as Admin.
    • cd C:\Windows\System32\Recovery
    • Rename the file ReAgent.xml to ReAgent.old (ren ReAgent.xml ReAgent.old)
    • Reboot machine and restart the BitLocker encyption process via MBAM agent

    Tuesday, October 23, 2018 11:57 AM