Unsolved
This post is more than 5 years old
5 Posts
0
29593
Dell E5570 Windows 10 bitlocker problem
Laptop: Latitude E5570
Description of problem:
I am trying to encrypt a Latitude E5570 with Windows 10 bit-locker.
I have updated the BIOS to 1.3.8 using the BIOS update on the web site to the latest version,
I followed the procedures described on the DELL forums & various web sites.
I have also initialised the TPM chip & cleared / reset the BIOS to factory defaults.
When the laptop restarts it prompts for the bitlocker password :-(
It does write the password to active directory.
Does anyone have any ideas?
I have bitlocked various DELL laptops in the past without any problems, it is this particular laptop is driving me nuts. DELL technical support told me to contact Microsoft who are normally as helpful as a hole in the head.
Thanks
S.
SteveO1683
Moderator
Moderator
•
145 Posts
0
August 15th, 2016 09:00
Hello There,
Are you attempting to leverage the Dell Data Protection | Security Tools application to manage Bitlocker or are we trying to leverage the built in Windows items to turn it off and configuring it?
It sounds like the OS is not seeing the TPM chip, if you go to device manager do you see Security Devices and under that TPM, if so what version does the TPM report? If you do a run command and type services.msc do you see TPM Base Services as a service listing?
2203312
5 Posts
0
August 16th, 2016 02:00
I am trying to use the windows bit locker.
When I prepare the TPM from inside I get TPM is ready with reduced functionality.
The TPM Base services is not listed within services.msc.
The BIOS is updated to the latest as per the DELL website.
I am currently getting ‘Bitlocker could not be enabled. The Bitlocker encryption key cannot be obtained from the Trusted Platform Module (TPM). C: was not encrypted’.
The TPM is ver 2.0 and the driver is version 10.0.10240.16384
I don’t know what else to do at this stage.
2203312
5 Posts
0
August 16th, 2016 02:00
I am trying to use the windows bit locker.
When I prepare the TPM from inside I get TPM is ready with reduced functionality.
The TPM Base services is not listed within services.msc.
The BIOS is updated to the latest as per the DELL website.
I am currently getting ‘Bitlocker could not be enabled. The Bitlocker encryption key cannot be obtained from the Trusted Platform Module (TPM). C: was not encrypted’.
The TPM is ver 2.0 and the driver is version 10.0.10240.16384
I don’t know what else to do at this stage.
SteveO1683
Moderator
Moderator
•
145 Posts
0
August 17th, 2016 11:00
It sounds like the OS cannot see the TPM for whatever reason. If you do a run command and type tpm.msc does that Microsoft MMC see the TPM and allow you to turn it off or on? If it does perhaps we can try to turn the TPM Off, then on, then clear it and see if that allows you to provision BitLocker to leverage the TPM on boot.
2203312
5 Posts
0
August 18th, 2016 04:00
Ok, I ran the tpm.msc and "The TPM security hardware on this computer is ready for use, with reduced functionality". The manufacturer name: NTC Version 1.3 Specification version: 2.0
We I try to turn on Bit locker, it goes through the process of encrypting and then "Encryption complete", reboot the pc and "Enter the recovery key for this drive".
Bugger.
The key is saved in active directory.
BUT when the laptop is powered off / back on it asks for the recovery key.
:-(
2203312
5 Posts
0
August 18th, 2016 09:00
Do you have a ROI /UK number as we are in Ireland?
This is also effecting another laptop.
SteveO1683
Moderator
Moderator
•
145 Posts
0
August 18th, 2016 09:00
I found this MS support article that might help. support.microsoft.com/.../3123365
If that doesn't play out it sounds like we might have to replace the motherboard in that machine due to a faulty TPM. You can call our dedicated support queue at 877.459.7304 Ext. 4310039 and they can try to troubleshoot further but if the BIOS\UEFI configuration doesn't play out I think the next step should be to replace the motherboard.
SteveO1683
Moderator
Moderator
•
145 Posts
0
August 18th, 2016 09:00
Sure thing. All our global DSS\Exts can be found at the following KB
www.dell.com/.../SLN302833