I have a Dell XPS 15 9570 laptop on which a user had manually activated BitLocker before we applied Sophos Device Encryption. I turned off encryption with the BL key he had saved, and then tried to apply Sophos encryption - got an error that BL could not be enabled. I looked in TPM.msc, all looked fine, used it to clear the TPM. Still no joy with Sophos. Then I went into BIOS and cleared TPM from there several times. I also tried disabling, rebooting, then enabling TPM from BIOS.
We have many of these machines doing just fine with Sophos encryption, but they had never been manually BitLocked. My Sophos Endpoint is up to date, Device Encryption 2.1.217. PC running Win 10, 21H1, all Dell drivers are up to date. If I go direct to BitLocker, it allows me to start the process to turn it on and wants me to set up a new key, so it seems the TPM is cleared.
Any ideas on how to make it like the TPM had never been used?