This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SGE Bitlocker on Windows 8.1 - Mainboard change

Hi Sophos Community,

I´ve the first case of an defective Lenovo T530 Notebook which is encrypted Sophos (v6.10 Bitlocker). I wasn´t able to save any data from the old TPM chip.

Is there any knowledgebase article, what to do, to recover the current settings to the new TPM chip or do I have to decrypt the HDD and reencrypt the HDD?

Thanks

kind regards

Marcus

:55500


This thread was automatically locked due to age.
Parents
  • Hi Melchor,

    there is currently no Knowledge Base Article for this topic available yet - i'll make sure to publish one shorty.

    Anyway, the process is pretty straightforward:

    1) After replacing the T530s mainboard, switch on the machine and enter the BIOS to make sure that the TPM chip is enabled (Security -> Security Chip ->" - Current Setting = Active")

    2) Boot up the machine, when prompted to enter the BitLocker PIN, press "ESC for BitLocker recovery"

    3) Open the SafeGuard Management Center, select "Tools" > "Recovery" > select the machine you want to recover and press "next" - choose the "Boot volume" and you will be presented with the BitLocker recovery key.

    4) Enter the BitLocker recovery key to boot the machine and logon to the machine

    5) You will be automatically prompted by SafeGuard to set a new PIN for the Boot Volume*

    Done.

    *Please note: If you see "You must initialize the Trusted Platform Module (TPM) before you can use BitLocker Drive Encryption)", open TPM management (Start | run | tpm.msc) and select "Prepare the TPM" in the action pane on the right. 

    Hope that helps.

    Regards,

    ChrisD

    :55517
Reply
  • Hi Melchor,

    there is currently no Knowledge Base Article for this topic available yet - i'll make sure to publish one shorty.

    Anyway, the process is pretty straightforward:

    1) After replacing the T530s mainboard, switch on the machine and enter the BIOS to make sure that the TPM chip is enabled (Security -> Security Chip ->" - Current Setting = Active")

    2) Boot up the machine, when prompted to enter the BitLocker PIN, press "ESC for BitLocker recovery"

    3) Open the SafeGuard Management Center, select "Tools" > "Recovery" > select the machine you want to recover and press "next" - choose the "Boot volume" and you will be presented with the BitLocker recovery key.

    4) Enter the BitLocker recovery key to boot the machine and logon to the machine

    5) You will be automatically prompted by SafeGuard to set a new PIN for the Boot Volume*

    Done.

    *Please note: If you see "You must initialize the Trusted Platform Module (TPM) before you can use BitLocker Drive Encryption)", open TPM management (Start | run | tpm.msc) and select "Prepare the TPM" in the action pane on the right. 

    Hope that helps.

    Regards,

    ChrisD

    :55517
Children
No Data