none
Bitlocker/no TPM/enabled the no TPM option, still getting error

    Question

  • Hello all,

    I have a Toshiba Satellite T135-S1310 which uses an Intel U4100 1.3 GHz processor.  This model does not have a disk drive, so it comes factory partitioned with the D: drive playing an HDD recovery role much like a netbook.  I need to fully encrypt both the C: and D: drives- the D: drive only needs to be password protected, but I need to have a startup key for the C: drive.  I have already (repeatedly) gone through the procedure in the group adminstrator policy to enable use of Bitlocker without a TPM, and of the 5 computers (all the same model) I am only able to enable Bitlocker on one of the C: drives (so I know it can be done), and all of the D: drives.  I am still getting the "A compatible TPM was not found" error despite changing the policy- with and without restarts.  Help?

    Monday, January 10, 2011 8:15 PM

Answers

  • Ravenna,

    Just to make sure. Did you enable the following Group Policy setting?

    Computer\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\Require additional authentication at startup and selected the option Allow BitLocker without a compatible TPM

    If you did so, then you can try enabling BitLocker from an elevated command prompt using the following command:

    c:\Windows\System32\manage-bde.exe -on C: -sk <drive>: -rp

    Replace <drive> with the drive letter of the USB drive where you will be storing the startup password.


    Ray - Author of Windows 7 for XP Professionals
    Wednesday, January 19, 2011 11:51 PM

All replies

  • You may refer:

    Using Microsoft BitLocker Drive Encryption Without A TPM Chip

    Important Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    Wednesday, January 12, 2011 6:51 AM
    Moderator
  • I should have put in my OS, sorry.  I'm using Win 7 Ultimate.  The reference you linked to appears to be for Vista users, and my computer does not show the Control Panel option in the Bitlocker Drive Encryption folder.
    Heidi Corrado
    Wednesday, January 12, 2011 5:33 PM
  • Ok, I tried the gpupdate.exe, and I am still getting the "you don't have a TPM" error.  Somebody please help?  These drives must be encrypted as they will contain medical data.
    Heidi Corrado
    Monday, January 17, 2011 4:34 PM
  • Ravenna,

    Just to make sure. Did you enable the following Group Policy setting?

    Computer\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\Require additional authentication at startup and selected the option Allow BitLocker without a compatible TPM

    If you did so, then you can try enabling BitLocker from an elevated command prompt using the following command:

    c:\Windows\System32\manage-bde.exe -on C: -sk <drive>: -rp

    Replace <drive> with the drive letter of the USB drive where you will be storing the startup password.


    Ray - Author of Windows 7 for XP Professionals
    Wednesday, January 19, 2011 11:51 PM