Jump to content


Sign in to follow this  
braken666

SCCM 2012 - Bitlocker in Task seqeunce

Recommended Posts

Hello having major trouble with enabling bitlocker in my task sequence, been trying to follow various sites to help fix

I use the Islaptop, IsDesktop to apply specific types of TPM

The strange thing is when the enable laptop tpm, fails and goes onto the desktop the bitlocker process seems to have started when I try to right click resume the process the following error appears

WIZARD initialization has failed

One or more Bitlocker key protectors are required. You cannot delete the last key on the this drive

am I missing something

I have tried various different ways of getting this to work and I know AD is setup correctly and these laptops are supported as we did all bitlocker tasks successfully with MDT

I have done a copy of the SMSTS file below HELP PLEASE

<![LOG[start executing an instruction. Instruction name: Enable BitLocker - Laptop. Instruction pointer: 19]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="engine.cxx:140">
<![LOG[set a global environment variable _SMSTSCurrentActionName=Enable BitLocker - Laptop]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:662">
<![LOG[set a global environment variable _SMSTSNextInstructionPointer=19]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:662">
<![LOG[set a local default variable OSDBitLockerPIN]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:694">
<![LOG[set a global environment variable _SMSTSLogPath=C:\WINDOWS\CCM\Logs\SMSTSLog]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:662">
<![LOG[Evaluating an AND expression]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:600">
<![LOG[Evaluating a variable condition expression]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:783">
<![LOG[Variable = IsLaptop]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:801">
<![LOG[Value = True]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:802">
<![LOG[Operator = equals]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:803">
<![LOG[Expand a string: equals]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="utility.cpp:790">
<![LOG[Expand a string: IsLaptop]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="utility.cpp:790">
<![LOG[Expand a string: True]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="utility.cpp:790">
<![LOG[The variable condition expression is evaluated to be TRUE]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:907">
<![LOG[The AND expression is evaluated to be TRUE]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="tsexpreval.cpp:633">
<![LOG[The condition for the action (Enable BitLocker - Laptop) is evaluated to be true]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="instruction.cxx:715">
<![LOG[Expand a string: OSDBitLocker.exe /enable /wait:False /mode:TPMAndPIN /pwd:AD]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:776">
<![LOG[Expand a string: ]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:776">
<![LOG[Command line for extension .exe is "%1" %*]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="commandline.cpp:229">
<![LOG[set command line: OSDBitLocker.exe /enable /wait:False /mode:TPMAndPIN /pwd:AD]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="commandline.cpp:732">
<![LOG[start executing the command line: OSDBitLocker.exe /enable /wait:False /mode:TPMAndPIN /pwd:AD]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="instruction.cxx:731">
<![LOG[!--------------------------------------------------------------------------------------------!]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="instruction.cxx:760">
<![LOG[Expand a string: FullOS]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="0" thread="1104" file="executionenv.cxx:776">
<![LOG[Executing command line: OSDBitLocker.exe /enable /wait:False /mode:TPMAndPIN /pwd:AD]LOG]!><time="10:34:06.112-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="commandline.cpp:828">
<![LOG[==============================[ OSDBitLocker.exe ]==============================]LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="1" thread="3200" file="main.cpp:349">
<![LOG[Command line: "OSDBitLocker.exe" /enable /wait:False /mode:TPMAndPIN /pwd:AD]LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="1" thread="3200" file="main.cpp:350">
<![LOG[initialized COM]LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="main.cpp:361">
<![LOG[Command line for extension .exe is "%1" %*]LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="commandline.cpp:229">
<![LOG[set command line: "OSDBitLocker.exe" /enable /wait:False /mode:TPMAndPIN /pwd:AD]LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="commandline.cpp:732">
<![LOG[Target volume not specified, using current OS volume]LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="main.cpp:247">
<![LOG[Current OS volume is 'C:']LOG]!><time="10:34:06.128-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="main.cpp:249">
<![LOG[succeeded loading resource DLL 'C:\WINDOWS\CCM\1033\TSRES.DLL']LOG]!><time="10:34:06.144-60" date="08-24-2016" component="OSDBitLocker" context="" type="1" thread="3200" file="util.cpp:970">
<![LOG[Protection is OFF]LOG]!><time="10:34:06.144-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="bitlocker.cpp:1506">
<![LOG[Volume is fully encrypted]LOG]!><time="10:34:06.144-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="bitlocker.cpp:1537">
<![LOG[Creating key protectors]LOG]!><time="10:34:06.144-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="bitlocker.cpp:1548">
<![LOG[FALSE, HRESULT=80004005 (e:\nts_sccm_release\sms\framework\tscore\tpm.cpp,130)]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="tpm.cpp:130">
<![LOG[unable to find instance of 'Win32_Tpm'. Ensure that this device has a Trusted Platform Module which is enabled in the BIOS.]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="3" thread="3200" file="tpm.cpp:130">
<![LOG[pTpm->Initialize(), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\bitlocker\bitlocker.cpp,450)]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="bitlocker.cpp:450">
<![LOG[No suitable TPM found (0x80004005)]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="3" thread="3200" file="bitlocker.cpp:450">
<![LOG[initializeTpm(), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\bitlocker\bitlocker.cpp,1313)]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="bitlocker.cpp:1313">
<![LOG[ConfigureKeyProtection( keyMode, pwdMode, pszStartupKeyVolume ), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\bitlocker\bitlocker.cpp,1552)]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="bitlocker.cpp:1552">
<![LOG[pBitLocker->Enable( argInfo.keyMode, argInfo.passwordMode, argInfo.sStartupKeyVolume, argInfo.bWait ), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\bitlocker\main.cpp,382)]LOG]!><time="10:34:06.175-60" date="08-24-2016" component="OSDBitLocker" context="" type="0" thread="3200" file="main.cpp:382">
<![LOG[Process completed with exit code 2147500037]LOG]!><time="10:34:06.190-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="commandline.cpp:1124">
<![LOG[!--------------------------------------------------------------------------------------------!]LOG]!><time="10:34:06.190-60" date="08-24-2016" component="TSManager" context="" type="1" thread="1104" file="instruction.cxx:814">
<![LOG[Failed to run the action: Enable BitLocker - Laptop.
Unspecified error (Error: 80004005; Source: Windows)]LOG]!><time="10:34:06.190-60" date="08-24-2016" component="TSManager" context="" type="3" thread="1104" file="instruction.cxx:921">

post-33952-0-04605300-1472111487.jpg

Share this post


Link to post
Share on other sites

I had the same problem. So I enabled Bitlocker//MBAM with a group policy.

That is working fine.

Share this post


Link to post
Share on other sites

More investigation it looks like the TPM driver is appearing under the system devices not under security devices, does any one know why this would be happening?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...