seanblee

BitLocker and Secure Boot on Latitude E7440

I'm attempting to enable BitLocker on a Latitude E7440 running Windows 8.1. The system is in UEFI mode with Secure Boot enabled, so I'd like to use Secure Boot for integrity validation. I have the appropriate GPO set, but if I try to enable the TPM protector, I get the following warning event in the BitLocker-API management event log:

"BitLocker cannot use Secure Boot for integrity because the expected TCG Log entry for variable 'SecureBoot' is missing or invalid."

This is immediately followed by:

"BitLocker determined that the TCG log is invalid for use of Secure Boot. The filtered TCG log for PCR[7] is included in this event."

The system therefore ends up configured with a regular platform validation profile instead of using Secure Boot. Is this a problem with the firmware on the Atmel TPM on the system, or is it something else?
0 Kudos

RE: BitLocker and Secure Boot on Latitude E7440

There is some information here

http://social.technet.microsoft.com/Forums/windows/en-US/eb3d8a4e-9257-4dd4-b15a-988a149145e4/window...

which suggests it may be a hardware problem with the mainboard.

0 Kudos
cesj

RE: BitLocker and Secure Boot on Latitude E7440

Sorry to be hitting an old post, but I was wondering if you ever had any sort of resolution on this issue. I am facing the same errors on a Precision M4800 machine. Unfortunately my system doesn't seem to actually encrypt the drive. When the computer restarts, the drive isn't encrypted and BitLocker seems to completely ignore the volume (the Manage BitLocker GUI won't launch, and manage-bde on the command line indicates the volume cannot be encrypted).

0 Kudos
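
For anyone triaging the symptoms described in the first and last posts, the following is an added diagnostic example and is not part of any poster's message. It reports whether Secure Boot is on, whether the TPM protector ended up bound to PCR 7 (the Secure Boot profile) or to a regular profile, and lists the TCG log warnings. It assumes an elevated session, English-language manage-bde output, and that the OS volume is the one being protected.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell prompt.
$drive = $env:SystemDrive   # assumption: the OS volume is the BitLocker target

# 1. Firmware state. Confirm-SecureBootUEFI returns $true/$false on UEFI
#    systems and throws on legacy BIOS boots, so $null means "not UEFI".
try   { $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop }
catch { $secureBoot = $null }

# 2. TPM state as Windows sees it.
$tpm = Get-Tpm

# 3. PCR validation profile bound to the TPM protector. manage-bde prints the
#    PCR list on the line after the "PCR Validation Profile:" label.
$bde = manage-bde -protectors -get $drive 2>&1 | Out-String
$pcrProfile = $null
if ($bde -match 'PCR Validation Profile:\s*\r?\n\s*([0-9, ]+)') {
    $pcrProfile = $Matches[1].Trim()
}
$pcrList = @()
if ($pcrProfile) { $pcrList = $pcrProfile -split '\s*,\s*' }

# 4. Warnings like the two quoted in the first post. Matching on message text
#    avoids depending on specific event IDs. The channel below is the
#    "BitLocker-API > Management" log shown in Event Viewer.
$log = 'Microsoft-Windows-BitLocker/BitLocker Management'
$tcgEvents = @(Get-WinEvent -LogName $log -MaxEvents 500 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Secure Boot' -and $_.Message -match 'TCG' })

# Summary: Secure Boot binding is in effect only when PCR 7 is in the profile.
[pscustomobject]@{
    Drive              = $drive
    SecureBootEnabled  = $secureBoot
    TpmPresent         = $tpm.TpmPresent
    TpmReady           = $tpm.TpmReady
    PcrProfile         = $pcrProfile
    BoundToSecureBoot  = ($pcrList -contains '7')
    TcgLogWarningCount = $tcgEvents.Count
} | Format-List

# Full text of each matching event, newest first, for comparison with the
# messages quoted in the thread.
$tcgEvents | Select-Object TimeCreated, Id, LevelDisplayName, Message | Format-List
```

A result with `SecureBootEnabled` true but `BoundToSecureBoot` false and a non-zero warning count matches the fallback the original poster describes; an empty `PcrProfile` means no TPM protector was found on the volume, as in the last post.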