How do you make SGN take over the TPM if the TPM was disabled when Bitlocker first encrypted?

Question

Windows 10, SGN 8, TPMs, and not previously encrypted before SGN activated Bitlocker. 
 Two of our sites all had the TPMs disabled when we rolled out to them so they had to set up PINs. For the moment I don't want them to have to enter PINs. I turned on a TPM and enabled it, and now Windows reports it is active. 
 The machine still wants a PIN at boot. 
 All policies for TPM Only are enabled. All of the workstations whose TPMs were enabled at initial install and encryption are working as expected. 
 Do I need to do something like clear it from within Windows?

MichaelMcLannahan · Accepted Answer

I think Haridoss has cleared it up, but it is possible to tell BitLocker to use TPM only again, but make sure you've already have the correct policy assigned to the machine, otherwise SafeGuard will just over-write it again! 
 
 Launch an admin command prompt 
 
 manage-bde -protectors -add C: -tpm 
 
 This will set TPM (not TPM AND PIN) as a key protector and will then not prompt for a PIN

james63 · Answer

Thanks @MichaelMcLannahan you got me pointed in the right direction. All of the policies are set up right, this site for whatever reason just had all of the TPMs disabled in BIOS when I pushed SGN client to the workstations at that site. Like I said in first post, the TPMs are properly enabled, but this was not until After the initial encryption. 
 This machine turned out to be Password protected, not PIN protected, as though the OS were a data drive. 
 I got it, and without decrypting the volume, but it turned out to be a little more involved, and some of what I did is probably a bit round-about, but here were the steps, mixed CMD/PowerShell: 
 Suspended the BitLocker protection from the control panel. 
 Tried to add the TPM protector: 
 C:\WINDOWS\system32>manage-bde -protectors -add C: -tpm 
 ..This returned that the volume was actually PASSWORD protected, not PIN, and it said something to the effect that changing from Password to TPM would mean first dropping the password which would leave it with no protectors which wasn't possible. 
 Fine. I tried to add a PIN protector by its self so that I could remove the Password Protector. It said no way, you can't have that combo. add TPM+PIN? Nope. 
 So I went looking for other protectors it would let me use alongside Password so that I could remove Password. 
 manage-bde &ndash;protectors -add C: -startupkey C: 
 ..This worked, added a startup key on the C drive. I was remoted to the machine and so couldn't hook up a flash drive, but that is fine because I never planned to actually USE this protector and protection was suspended. ..The same again for a numeric Recovery Password protector. 
 So now we have three protectors: 
 C:\WINDOWS\system32>manage-bde -protectors -get c: BitLocker Drive Encryption: Configuration Tool version 10.0.15063 Copyright (C) 2013 Microsoft Corporation. All rights reserved. 
 Volume C: [] All Key Protectors 
 Numerical Password: ID: {8F4F016A-3...TheNumericalPasswordGUID} Password: 123456-123456-123456-123456-123456-123456-123456-123456 
 Password: ID: {CF2B86D6-B...ThePasswordGUID} 
 External Key: ID: {CA64190D-B...TheExternalKeyGUID} External Key File Name: CA64190D-B...TheExternalKeyGUID.BEK 
 ...the password protector needs to go (numerical password is what it called the recovery protector), so removed by GUID 
 PS C:\WINDOWS\system32> Remove-BitLockerKeyProtector C: -KeyProtectorId "{CF2B86D6-B...ThePasswordGUID}" 
 ...Checked the active protectors 
 C:\WINDOWS\system32>manage-bde -protectors -get c: BitLocker Drive Encryption: Configuration Tool version 10.0.15063 Copyright (C) 2013 Microsoft Corporation. All rights reserved. Volume C: [] All Key Protectors 
 Numerical Password: ID: {8F4F016A-3...TheNumericalPasswordGUID} Password: 123456-123456-123456-123456-123456-123456-123456-123456 
 External Key: ID: {CA64190D-B...TheExternalKeyGUID} External Key File Name: CA64190D-B...TheExternalKeyGUID.BEK 
 ...Password is gone! With no password to conflict with the TPM, 
 C:\WINDOWS\system32>manage-bde -protectors -add c: -TPM BitLocker Drive Encryption: Configuration Tool version 10.0.15063 Copyright (C) 2013 Microsoft Corporation. All rights reserved. 
 Key Protectors Added: TPM: ID: {6E742B10-3TheTPM_GUID} PCR Validation Profile: <the profiles> 
 With the TPM protector added I removed the Numerical Password and External Key protectors by GUID, which left only TPM. 
 Re-enabled protection, rebooted now it's TPM only, without decrypting the drive.