September 8th, 2017 14:00

Dell USB-C Dock (WD15) and Bitlocker on Windows 7

We have the Latitude 5480, Skylake chipset and TPM 1.2.  Have UEFI enabled and after installing Windows 10 I can connect the WD15 without any Bitlocker issues.

I loaded Win7 on the same system (UEFI enabled with Legacy Option ROMS enabled) and the OS works fine but I get prompted for Bitlocker recovery key when I reboot with the dock connected (imaged without the dock).

I called Dell support and they said it is not their problem, contact Microsoft.  Microsoft Support recommended that I go back to Legacy mode but that does not work either.  I upgraded to TPM 2.0 with UEFI and that allows boot cycles without getting the Bitlocker recovery key prompt.

Has anyone else experienced this?  If so, have you had success in automating the firmware update to TPM 2.0?

September 27th, 2017 07:00

Our company has this exact same issue with the same devices. The only thing I'll add is that whatever state the dock is in when the encryption completes (connected or disconnected) is the state it has to be in to boot from that point on. If we enable Bitlocker while the dock is plugged in it always has to be plugged in to boot, and vice versa. If we encrypt it without a dock, it can never be plugged in during boot up.

December 21st, 2017 15:00

Did you find a solution?

December 21st, 2017 17:00

Yes, kind of. I excluded BIOS from TPM validation.

First, decrypt the drive.

Next, open gpedit and navigate to Computer Configuration > Administrative Templates > Windows Components > Bitlocker Drive Encryption > Operating System Drives.

You need to select Configure TPM Platform Validation for either BIOS or UEFI (depending on your drive). Once you open the config settings, uncheck PCR 2:Option ROM Code.

Now re-encrypt the drive and it should ignore the dock connection at bootup. 
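
To check the result of the steps above, this added example (not part of the original posts) reads the PCR profile of each TPM-based protector on the system drive through the `Win32_EncryptableVolume` WMI class and reports whether PCR 2 is still part of it. It assumes an elevated PowerShell prompt; the output property names (`Protector`, `PCRs`, `IncludesPcr2`) are illustrative.

```powershell
# Added example: show which PCRs each TPM-based BitLocker protector on the
# system drive is sealed to. Run from an elevated PowerShell prompt.
$ns  = 'root\CIMV2\Security\MicrosoftVolumeEncryption'
$vol = Get-WmiObject -Namespace $ns -Class Win32_EncryptableVolume |
       Where-Object { $_.DriveLetter -eq $env:SystemDrive }
if (-not $vol) { throw "No BitLocker-capable volume found for $env:SystemDrive" }

# Key protector types that involve the TPM (Win32_EncryptableVolume values).
$tpmTypes = @{ 1 = 'TPM'; 4 = 'TPM+PIN'; 5 = 'TPM+StartupKey'; 6 = 'TPM+PIN+StartupKey' }

foreach ($type in $tpmTypes.Keys) {
    $found = $vol.GetKeyProtectors($type)
    if ($found.ReturnValue -ne 0) { continue }

    # Filter out $null so an empty result does not iterate once on PowerShell 2.0.
    foreach ($id in @($found.VolumeKeyProtectorID | Where-Object { $_ })) {
        $res = $vol.GetKeyProtectorPlatformValidationProfile($id)
        if ($res.ReturnValue -ne 0) {
            Write-Warning ("{0}: profile query failed (0x{1:X8})" -f $id, $res.ReturnValue)
            continue
        }

        # PlatformValidationProfile is an array of PCR indices (0-23).
        $pcrs = @($res.PlatformValidationProfile | Sort-Object)
        New-Object PSObject -Property @{
            Protector    = $tpmTypes[$type]
            Id           = $id
            PCRs         = ($pcrs -join ', ')
            IncludesPcr2 = ($pcrs -contains 2)
        }
    }
}
```

A protector created before the policy change keeps its old profile, so `IncludesPcr2` should read `False` only after the drive has been re-encrypted as described above. With PCR 2 out of the profile, changes to option ROM code no longer trigger recovery on that volume.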
