Jump to content


Elscorpio

Enabling Bitlocker encryption / SCCM 2012 SP1

Recommended Posts

Hi

 

Does anyone know what the below error indicates from the smts.log file ? Please also see attached screenshot from my task sequence in SCCM

 

Executing command line: smsswd.exe /run: cmd.exe /c %windir%\system32\bdeHdCfg.exe -target default -size 300 -quiet TSManager 03-09-2014 16:17:23 6256 (0x1870)
[ smsswd.exe ] InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
PackageID = '' InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
BaseVar = '', ContinueOnError='' InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
ProgramName = 'cmd.exe /c C:\WINDOWS\system32\bdeHdCfg.exe -target default -size 300 -quiet' InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
SwdAction = '0001' InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
Getting linked token InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
failed to get the linked token information. It may not be available. Error 1312 InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
Working dir 'not set' InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
Executing command line: Run command line InstallSoftware 03-09-2014 16:17:23 2876 (0x0B3C)
Process completed with exit code 3231711239 InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
BitLocker Drive Preparation Tool version 6.1.7601 InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
opyright © 2006-2008 Microsoft Corporation. InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
Command line returned 3231711239 InstallSoftware 03-09-2014 16:19:04 2876 (0x0B3C)
Process completed with exit code 3231711239 TSManager 03-09-2014 16:19:04 6256 (0x1870)
!--------------------------------------------------------------------------------------------! TSManager 03-09-2014 16:19:04 6256 (0x1870)
Failed to run the action: Create BitLocker partition.
Unknown error (Error: C0A00007; Source: Unknown) TSManager 03-09-2014 16:19:04 6256 (0x1870)
Set authenticator in transport TSManager 03-09-2014 16:19:04 6256 (0x1870)
Set a global environment variable _SMSTSLastActionRetCode=-1063256057 TSManager 03-09-2014 16:19:05 6256 (0x1870)
Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 03-09-2014 16:19:05 6256 (0x1870)
Clear local default environment TSManager 03-09-2014 16:19:05 6256 (0x1870)
Failed to run the action: Create BitLocker partition. Execution has been aborted TSManager 03-09-2014 16:19:05 6256 (0x1870)
Set authenticator in transport TSManager 03-09-2014 16:19:05 6256 (0x1870)
Failed to run the last action: Create BitLocker partition. Execution of task sequence failed.
Unknown error (Error: C0A00007; Source: Unknown) TSManager 03-09-2014 16:19:05 6256 (0x1870)
Set authenticator in transport TSManager 03-09-2014 16:19:05 6256 (0x1870)

 

 

post-19256-0-88581700-1409754382_thumb.jpg

Share this post


Link to post
Share on other sites

do you get the same error if you specify

bdeHdCfg.exe -target default -size 300 -quiet

instead (without the path)

Share this post


Link to post
Share on other sites

Hi Niall

 

I have tried the modified version of Microsofts sample Bitlocker .vbs script that is available here:

 

http://www.niallbrady.com/2012/10/17/enabling-bitlocker-via-a-script-on-non-english-windows-7-installations-fails/

 

Unfortunately it fails with the same error, even though we have enabled the 6 AD Schema objects needed for TPM backup:

http://technet.microsoft.com/en-us/library/dd875533(v=ws.10).aspx

 

See attached files.

 

Do you know which of these TPM schema objects I can safely delete?

 

The very odd thing is that if I switch back to English Win7SP1 Enterprise with no language pack, the script works fine.

 

The issue described here does not work in our Enterprise environment, as the needed TPM schema objects is in our AD.

 

My issue is also described here:

https://social.technet.microsoft.com/Forums/en-US/de29627d-be74-4b96-9c32-faca46b022a9/enablebitlockervbs-error-the-protectkeywithtpm-failed-with-exit-code-80310018?forum=w7itprosecurity

 

Does not apply to our AD environment as you can see from the screenshots.

 

Any solution is appreciated.

bitlocker.log

post-19256-0-23834300-1413969573_thumb.jpg

post-19256-0-51470200-1413969824_thumb.jpg

Share this post


Link to post
Share on other sites

Hi

 

I made it work with the modified script available here:

 

http://www.niallbrady.com/2012/10/17/enabling-bitlocker-via-a-script-on-non-english-windows-7-installations-fails/

 

There is one place in this script, where you have to remove "true" to true, then it will work for example under a Win7 Ent SP1 English with german lang pack, then the encryption starts fine.

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...