
BitLocker configuration error

When attempting to configure clients, the encryption process is not displayed to the user. I have to manually go into the Control Panel and turn on BitLocker. This is not the situation I want, however, because then the recovery keys are not managed by the Safeguard server. But I went with it to see what would happen. After going through the BitLocker stuff and choosing my PIN, I was prompted with a Safeguard window asking to create a PIN and that my machine would restart. So I thought okay, maybe I'm getting somewhere. Restarted my machine to receive the following error: "The BitLocker encryption key cannot be obtained. Verify that the TPM is enabled and ownership has been taken. If this computer does not have a TPM, verify that the USB drive is inserted and available". I went into the TPM management console and it tells me the TPM is ready for use. Clearing the TPM hasn't proven to help either.

Any help at all would be appreciated please!

 

-Brandon



  • FormerMember

    Hi Brandon,

    Have you tried changing the owner password or resetting the TPM lockout from TPM.msc? Sometimes this helps (depending on the cause).
    You might want to check you don't have anything like FastBoot/RapidBoot/QuickBoot enabled; ensure that is set to Thorough/Full, depending on the wording from your vendor. If that fails, check the BIOS boot order is (1) HDD and (2) USB with no other devices enabled.

  • Hi Toby,

    I checked the BIOS and the boot order is correct. Fast boot is set to Thorough. Regarding the TPM, I have gone through a clear and resetting the TPM lockout. I do not recall setting an owner password for the TPM. I attempted to change the owner password and it wants a file. I did not create one. The TPM was only initialized for BitLocker; prior to that it had never been configured.

    It might be important to know that the Data packets prepared for transmission keep going up. I'm currently at 4.

    I attached the error I'm getting after I clear the TPM and reboot. I also attached a capture of the TPM management console and the status of the Safeguard client.

     

    Thanks,

    Brandon

     

  • Going into the Event Viewer, there are listings related to the TPM. "The Trusted Platform Module (TPM) hardware failed to execute a TPM command" with an Event ID of 17.

  • Hi Toby,

     

    Sorry for the multiple posts, I just wanted to keep you updated on what has been happening since I am still trying things.

     

    I have a clean Windows 10 machine and I installed the client on that machine. Everything went through fine with it, no errors or anything. On the troubled machine, I uninstalled all of the software related to the client, removed it from the Safeguard Management Center, and then went into the BIOS and deactivated the TPM. I then installed the client software again, and it prompted me to activate the TPM chip by clicking restart. When I restarted, I wasn't prompted with anything.

     

    Thanks,

    Brandon