none
Can't enable BitLocker on c:\ drive RRS feed

  • Question

  • Hello,
    Previously the machine was using 3rd party disk encryption. After it was decrypted and I check TPM.MSC, I see that it shows the following:

    It's worth mentioning that the machine in question already has some BitLocker settings applied through GPO. The delivered settings are minimal and basic and supplying the following settings:

    Computer Configuration\Administrative Templates\Windows Components\Windows Security\Device security
    Disable TPM clear button
    Hide the TPM Firmware Update recommendation

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive EncryptionChoose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data DrivesDeny write access to fixed drives not protected by BitLocker
    Setting:  Enable

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data DrivesEnforce drive encryption type on fixed data drives
    Setting: 
     Enable – Full encryption

    Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data DrivesChoose how BitLocker-protected fixed drives can be recovered 
    Setting: 
     BitLocker recovery information will be saved to Active Directory

    Results of:
    Get-TPM

    Starting encryption:

    Error after reboot:

    What I'm missing?


    Memento Mori

    lundi 4 novembre 2019 15:03

Toutes les réponses