Bitlocker without TPM

All replies

• 

  

  0

  Sign in to vote

  Hi JohnnyOH,

  Pleas Note: Afterwards modifying the GPO, you need to run gpupdate /force command or restart  to take effect.

  Check if your steps below:

  You can use the Group Policy Editor to set this option.

  1. Press the WinKey+R to display the Open dialog.

  2. Type gpedit.msc in the Open: box and click OK.

  3. In the Group Policy Editor, navigate to  Computer Configuration/Administrative Templates/Windows Components/BitLocker Drive Encryption/Operating System Drives.

  4. Right Click the Require additional authentication at startup policy and select Edit.

  5. Click the Enabled option.

  6. In the Options section, place a check mark in the Allow BitLocker without a compatible TPM option.

  7. Click Apply/OK and exit the Group Policy Editor.

  

  More information, please follow this blog:

  Securing Windows 10 with BitLocker Drive Encryption

  https://blogs.msdn.microsoft.com/mvpawardprogram/2016/01/12/securing-windows-10-with-bitlocker-drive-encryption/

  ---

  Please remember to mark the replies as answers if they help.
  If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  
  
  

  • Edited by Karen_HuMicrosoft contingent staff Tuesday, August 1, 2017 7:30 AM

  Tuesday, August 1, 2017 2:31 AM
• 

  

  0

  Sign in to vote

  Johnny, sometimes, you will have to wait some seconds after you set the policy before you retry. It could really be just a timing issue.

  Tuesday, August 1, 2017 7:24 AM
• 

  

  0

  Sign in to vote

  Not only have I done a "gpupdate /force" as well as several reboots, it has been two days and the issue persists. It is not related to the policy not being applied.

  Tuesday, August 1, 2017 12:58 PM
• 

  

  0

  Sign in to vote

  Please confirm that once more by running rsop.msc

  Rsop will list all policy settings that are applied.

  • Proposed as answer by Ronald Schilf Wednesday, August 9, 2017 9:29 AM

  Tuesday, August 1, 2017 1:02 PM
• 

  

  0

  Sign in to vote

  Hi.

  Please check problem for apply GPO.

  How to Use the Group Policy Results (GPResult.exe) Command Line Tool

  How to use BitLocker Drive Encryption on Windows 10

  PS. I'm Use Bitlocker without TPM, but with usb key. No problem.

  ---

  MCITP, MCSE. Regards, Oleg

  • Edited by Oleg.Kovalenko Tuesday, August 1, 2017 1:07 PM
  • Proposed as answer by Karen_HuMicrosoft contingent staff Wednesday, August 9, 2017 9:28 AM

  Tuesday, August 1, 2017 1:03 PM
• 

  

  0

  Sign in to vote

  I went through all the settings but opted to go through and setup a physical machine with TPM. In practice, we will be using machines with TPM. I was trying to get things moving by staging all the other Bitlocker settings in a VM.

  Thursday, August 17, 2017 5:52 PM
• 

  

  0

  Sign in to vote

  Hi.

  I hope you know :)

  Planning for Hyper-V Security for Windows 2008/2012

  Important: Use BitLocker Drive Encryption in the Hyper-V parent partition only. Because BitLocker Drive Encryption is not supported within a VM, do not run BitLocker Drive Encryption on a virtual machine.

  BitLocker is not supported on bootable VHDs, but BitLocker is supported on data volume VHDs, such as those used by clusters, if you are running Windows 8, Windows 8.1, Windows Server 2012 or Windows Server 2012 R2.

  Bitlocker is support only VM with Hyper-V Windows 2016. Shielded VMs in Windows Server 2016 or VmWare BitLocker support in a virtual machine (2036142)

  ---

  MCITP, MCSE. Regards, Oleg

  Tuesday, August 22, 2017 12:01 AM