This post is more than 5 years old
5 Posts
0
11054
Win 7 x64 & UEFI boot vs. TPM 2.0 & Bitlocker on Opti 7040 Micro
Greetings, all! Here's one that will make you scratch your head. If you've solved this issue please enlighten us!
SCENARIO: Optiplex 7040 Micro, BIOS 1.5.10, UEFI boot for Win 7 64-bit, Win 7 Enterprise 64-bit installed OK, updated to Dell TPM 2.0 applied from here , Microsoft TPM 2.0 Hotfix 459309 for Win 7 applied from here . TPM On and Enabled in BIOS. We want this configuration for maximum security (need to be HIPPA compliant).
From Windows control panel turned on Bitlocker drive encryption (next, next, next, etc.) and Bitlocker finishes. Upon reboot the system displays "Windows is loading files..." message on screen after reboot. Nothing else happens, never loads Windows, just sits there.
Tried just about every different combination of TPM options in BIOS and no change. Even tried to clear TPM and disable TPM, same thing.
I contacted Dell Tech Direct and their solution was basically "Upgrade to Windows 10". For a number of reasons we cannot upgrade our environment to Win10. Meanwhile I have about three dozen 7040 Micros waiting to be imaged and deployed.
Next I re-did the Win 7 x64 install using Legacy boot, applied the hotfix (still TPM 2.0) and tried bitlocker again. While it was doing "Initializing the TPM security hardware" step it crashed with Error Code 0x80280285: "A problem occurred during BitLocker setup. You may need to restart BitLocker setup to continue." Nice. I have a feeling I'm going to have to back down to TPM 1.2 with Legacy Boot to get bitlocker to work on Win7-64 on this hardware.
If any of you have come across this issue and SOLVED IT please share your magic sauce of combinations of Windows & Dell patches and possibly voodoo.
Rich M. in CLE OH
RichInCLE
5 Posts
0
July 18th, 2017 07:00
Thanks MAXD for the link to that BIOS!
I upgraded my test unit and used UEFI, installed Win7-64 from image. Still has TPM 2.0.
Turned on Bitlocker and it survived after reboot!
To test again I went back to Legacy Boot, re-imaged Win7-64, same TMP 2.0. When I tried to start bitlocker it displays, "The Trusted Platform Module (TPM) on this computer does not work with the current BIOS. Contact the computer manufacturer for BIOS upgrade instructions."
So here's what we now know:
1. If you want UEFI boot for Win7-64 and use bitlocker use the new 1.6.5 BIOS and TPM 2.0
2. If you want Legacy boot for Win7-64 and use bitlocker revert to 1.5.10 BIOS and TPM 1.2. This will also work for 32-bit Win 7 (I have about 200 7040 Micros configured this way).
NEXT BIG THING: My vendor tells me Dell has discontinued the 7040 Micro; its replacement is the 7050 Micro. I wonder if I'm going to have to start from scratch on these. We're ordering them with 6th gen Intel CPUs so we can run Win 7 on them, but haven't gotten one in yet to test.
LATITUDE 5480 SAME EXACT PROBLEM! Tried BIOS 1.3.3 and BIOS 1.5.2. Should I start a new thread for this one? MAXD next time your in CLE OH I'll buy you a beer!
-Rich in CLE
maxd
2.4K Posts
0
July 8th, 2017 10:00
Possibly this urgent bios update would help:
www.dell.com/.../DriversDetails
maxd
2.4K Posts
0
July 18th, 2017 18:00
New thread ? yes
<ADMIN NOTE: Broken link has been removed from this post by Dell>
en.community.dell.com/.../20003600
Sorry, all I got.