Search the Community
Showing results for tags 'bitlocker encryption'.
Found 2 results
Hi There, Anyone here has hands-on experience on implement Bit-Locker To-Go? In my environment we use SCCM CB-1902 and MBAM server & client. We have single drive in all the client and it has been protected using MBAM agent. Now looking for encryption the removal disc \USB automatically, when it insert. How can I achieve this? Please free to ask me, if required more information. BR, Biju
Hi all, Before I start off. This is a best-practice type of question. The situation below works but I'm unhappy because I need to enable the Continue on Error option for it to work and I was wondering if anyone has a better way of achieving my goals. In our organization we normally have 1 disk per system, be it workstation or laptop. All systems are Bitlockered during OSD. This week we purchased 2 new workstations however with 2 disks: 1 500GB SSD (Boot, OS - disk 0) and 1 2TB HDD (disk 1). I built a TS for OSD. Tweaked some steps for Bitlocker. Ran OSD. Crashed and burned. Status so far: - Pre-provisioning works for disk 0 and disk 1 - Bitlocker fails to encrypt disk 1 The failure code is : 0x000000FF (255) Log file and a screenshot of the TS are included. Short explanation of the TS. - Disk 0 is partitioned with a 300MB bootpart and remaining space is the OS partition. The latter receives variable: OSPART - Disk 1 is 1 partition, variable: DISK2 - @ Enable Bitlocker OS drive has the following options: Current OS drive, TPM only, ADDS backup, wait for BL to complete... - @ Enable Bitlocker D: Specific drive: D:, ADDS backup, wait for BL to complete... The step that fails (oddly) is the Enable BL OS Drive step, with the following message: Failed to run the action: Enable BitLocker OS Drive. The extended attributes are inconsistent. (Error: 000000FF; Source: Windows) TSManager 29-May-2015 11:58:29 3836 (0x0EFC). If you then boot to OS the funny thing you find is that the failure results in the OS drive being fully encrypted but the other disk has BL suspended. So technically it fails to encrypt the other disk. When the Continue on Error option is ticked at the Enable BL OS drive step: All good! Everything is encypted as it should be. Please have a look at the excerpt of the smsts.log and if anyone has any ideas: I'm all ears. BL.log