Jump to content


SCCM-Guy

Enable TPM & Take Ownwership plus Bitlocker Failure during Windows 10 1511 OSD

Recommended Posts

Hello,
I am new here but I have been following windows-noob.com for a very long time. You have amazing content.

 

I am Running SCCM 2012 R2 SP1 CU2 environment with MDT 2012 SP1 integrated plus I have WADK 10.0.10240.16384.

 

I have build a Task Sequence below which works flawless on Dell OptiPlex 7040 and E5450. The only issue I have is when the deployment is completed. The bitlocker is not enabled and TPM says " tpm is ready for use with reduced functionality".

 

TPM is enabled in BIOS, UEFI is selected, Secure Boot is enabled as well.

 

Any help is appreciated on how to initiate TPM during OSD and enable bitlocker.

 

 

Thanks for all the help

 

post-32853-0-82813800-1453525706.png

post-32853-0-71735400-1453525719_thumb.png

Share this post


Link to post
Share on other sites
I am new here but I have been following windows-noob.com for a very long time. You have amazing content.

 

 

thanks and welcome!

 

as to your problem can you attach your smsts*.log files please so we can see what happens during the enable bitlocker step ?

 

also here's an older post but goes into detail about getting your TPM ready for the enable bitlocker step on Dell computers

Share this post


Link to post
Share on other sites

Hello and thank you for replying back. I went through your steps and most of the steps doesn't apply to Windows 10 deployment. My environment completes successfully and it doesn't leave any smsts.log. I will see if I can find one and send it to you. Any help is appreciated. Meanwhile I build a .bat script to enable bitlocker and add a recovery key post imaging but I can't find the powershell script to take ownership of TPM so it doesn't keep asking for recovery key after every restart.

If you have a powershell script please share.

 

Bitlocker enable script

 

@echo off

CD\

cd Windows\System32

Manage-bde.exe -protectors -add c: -RecoveryPassword

Manage-bde.exe -on c:

Edited by SCCM-Guy

Share this post


Link to post
Share on other sites

if the os completes successfully or not there will be an smsts.log

look in C:\Windows\CCM\Logs

 

do you see it there ? we need the smsts*.log in order to see why it's failing on the enable bitlocker step.

Share this post


Link to post
Share on other sites

Hello

Thank you for the reply, I have been busy making some changes and seems like finally I found the issue. I believe my answer file was stopping the task sequence to move complete successfully and it would stop before installing and initializing configuration manager client and enable bitlocker. When I did this on a windows 10 iso it worked fine except the TPM still shows " TPM is ready for use with reduced functionality". I also was hoping if you have a task sequence zip file I can use for your previous post since that is for windows 7 and most of the steps are old.

 

Thanks

 

Need windows 10 Task Sequence .zip file please

https://www.windows-noob.com/forums/topic/3875-customising-windows-7-deployments-part-5/

Share this post


Link to post
Share on other sites

those are the wrong logs, we need to see the SMSTS*.log files (which are what is generated during OSD)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...