Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 7 subscribers
  • Views 10632 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bitlocker not encrypting, bad password?

Steven Spray

Hi all

I'm having a problem encrypting one of our laptops.

I have installed all three packages; Prerequisite, Client setup and Client config. I have successfully contacted the SafeGuard server, synced and registered the user. When the laptop gets rebooted for a final time, just before encryption kicks off, I receive a Windows error message stating that "Bitlocker could not be enabled" followed soon by a Sophos error message stating that the pin I entered before reboot was not the same as the pin I entered at boot. I have attached both screenshots to this thread.

                  

Now, I have tried...

1) To manually enabled/activate Bitlocker but Sophos keeps taking ownership of this upon the next reboot and the problem is realised again.
2) Enter basic/simple passwords like qwerty or 1234567890 so I know for sure I entered it correctly and to avoid the EN-US keyboard hubub shortcoming of Bitlocker.
3) Reinstall all three packages.

But I still get the same issue.

Any ideas anyone?

Thanks for reading



This thread was automatically locked due to age.
Parents
  • 0

    Dear Steven,

    it looks like Win10, right? Sorry if i missed it.

    We had this problem when we imaged our latest Lenovo laptops with Win10 while on the laptops the security chip TPM 2.0 (INTEL-PPT) was activated and our W10 image was installed in "Legacy" mode because of our "old" SCCM server (not SCCM vNext).

    This is normally not an error from Safeguard Enterprise. We were also not able to activate bitlocker without Safeguard Enterprise software installed. The solution for them moment was to change the BIOS security chip (screenshot) settings from TPM 2.0(INTEL PPT-latest TPM) to TPM 1.2 (discrete TPM-still save). After that everything works fine. Maybe it´s not bad to clear the secure chip too.

    With SCCM vNext you should be able to install Win10 in "UEFI" mode and TPM 2.0 activated. At the moment I can not confirm this. So it tepends on how you install Win10.

    Hope this helps.

    Best regards

    Alf

     

     

     

     

Reply
  • 0

    Dear Steven,

    it looks like Win10, right? Sorry if i missed it.

    We had this problem when we imaged our latest Lenovo laptops with Win10 while on the laptops the security chip TPM 2.0 (INTEL-PPT) was activated and our W10 image was installed in "Legacy" mode because of our "old" SCCM server (not SCCM vNext).

    This is normally not an error from Safeguard Enterprise. We were also not able to activate bitlocker without Safeguard Enterprise software installed. The solution for them moment was to change the BIOS security chip (screenshot) settings from TPM 2.0(INTEL PPT-latest TPM) to TPM 1.2 (discrete TPM-still save). After that everything works fine. Maybe it´s not bad to clear the secure chip too.

    With SCCM vNext you should be able to install Win10 in "UEFI" mode and TPM 2.0 activated. At the moment I can not confirm this. So it tepends on how you install Win10.

    Hope this helps.

    Best regards

    Alf

     

     

     

     

Children
No Data
Unfiltered HTML