R730xd, BitLocker, Secure Boot, PCR7 issue
We got in a dozen R730xd servers last year that I am now encrypting with BitLocker. I've done two servers' C:\ drives and got the same problem - BitLocker says it is not using Secure Boot for integrity because of an issue with PCR7. On both servers (which, btw, boot fine; they do not ask for the recovery key):
- R730xd with BIOS version 2.6.0
- TPM Enabled
- TPM Firmware v220.127.116.11
- TPM Advanced Settings: TPM PPI Bypass Clear: Enabled; TPM PPI Bypass Provision: Enabled; SHA256
- Secure Boot: Enabled; Standard Settings
- Legacy Video Disabled
- Windows Server 2016 Standard (GUI not Core) patched to March 22, 2018.
- TPM Management Console says TPM is ready for use.
- Device Manager shows "Trusted Platform Module 2.0" under Security Devices
- MsInfo says Secure Boot ON.
- GPO settings applied as per the Exchange team article (except for backing up TPM ownership info to AD, because W2K16 does not do that, but that is irrelevant to my issue). https://blogs.technet.microsoft.com/exchange/2015/10/20/enabling-bitlocker-on-exchange-servers/
- BitLocker encrypted C: just fine.
- Recovery Key backed up to AD just fine.
- manage-bde -status shows: Conversion Status: Used Space Only (as per Exchange team article); % Encrypted: 100%; Encryption Method: XTS-AES 256; Protection Status: On; Lock Status: Unlocked; Identification Field: Unknown; Key Protectors: Numerical Password, TPM.
The problem: These events in BitLocker-API Management log after C: encrypted:
- Event 812 (Warning)(twice, 18 minutes apart): BitLocker cannot use Secure Boot for integrity because the UEFI variable 'SecureBoot' could not be read. Error Message: A required privilege is not held by the client.
- Event 815 (Warning): BitLocker cannot use Secure Boot for integrity because the expected TCG Log separator entry is missing or invalid.
- Event 834 (Information): BitLocker determined that the TCG log is invalid for use of Secure Boot. The filtered TCG log for PCR is included in this event.
- Events 815 and 834 repeat together a few times a day in the two days since encrypting C: (no pattern, e.g. not x hours apart)
In addition, manage-bde -protectors -get %systemdrive% shows TPM PCR Validation Profile: 0, 2, 4, 11 and MsInfo reports "PCR7 Configuration: Binding Not Possible."
Based on posts/articles I found researching BitLocker, Secure Boot, PCR7, I ran the following commands with the following results:
- Confirm-SecureBootUEFI: True
- Get-SecureBootPolicy: 77fa9abd-0359-4d32-bd60-28f4e78f784b Version 1 - this is the correct policy, and confirms we are not in manufacturing mode (MSFT article)
I've seen a few other similar posts (Dell and MSFT forums). What is causing the issue - how do I diagnose it, and how do I fix it? Is it hardware related (bad motherboards?) or the BIOS version (but the version after 2.6.0 included the Spectre fix, and Intel/Dell said don't install it because the fix was bad)?
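To compare the affected servers against a known-good one, the checks listed in the post can be collected into a single object. This is an added diagnostic helper, not code from the post or from Dell/Microsoft; it assumes an elevated PowerShell session on Windows Server 2016 with the in-box SecureBoot and TrustedPlatformModule modules, and the function name Get-BitLockerPcr7Diagnostics is my own.

```powershell
# Added helper (not from the original post): gathers the Secure Boot, TPM,
# PCR profile and BitLocker-API event data in one place for comparison.
function Get-BitLockerPcr7Diagnostics {
    [CmdletBinding()]
    param([string]$Drive = $env:SystemDrive)

    # Event 812 blames a missing privilege when reading the 'SecureBoot'
    # UEFI variable, so record whether this session is elevated first.
    $elevated = ([Security.Principal.WindowsPrincipal] `
        [Security.Principal.WindowsIdentity]::GetCurrent()
    ).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    $tpm    = Get-Tpm
    $policy = Get-SecureBootPolicy

    # manage-bde prints the PCR list on the line after "PCR Validation Profile:".
    $text = (manage-bde -protectors -get $Drive) -join "`n"
    $pcrs = if ($text -match 'PCR Validation Profile:\s*([\d,\s]+)') {
        $Matches[1] -split ',' |
            Where-Object { $_.Trim() } |
            ForEach-Object { [int]$_.Trim() }
    }

    # The three warnings quoted in the post, from the BitLocker-API log.
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-BitLocker/BitLocker Management'
        Id      = 812, 815, 834
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName, Message

    [pscustomobject]@{
        Computer              = $env:COMPUTERNAME
        Elevated              = $elevated
        SecureBootEnabled     = Confirm-SecureBootUEFI
        SecureBootPolicy      = $policy.Publisher
        PolicyVersion         = $policy.Version
        TpmPresent            = $tpm.TpmPresent
        TpmReady              = $tpm.TpmReady
        TpmFirmware           = $tpm.ManufacturerVersion
        PcrValidationProfile  = $pcrs
        # A profile of 0, 2, 4, 11 with no PCR 7 is the command-line view of
        # MsInfo's "PCR7 Configuration: Binding Not Possible".
        Pcr7Bound             = ($pcrs -contains 7)
        SecureBootEventCount  = @($events).Count
        LatestSecureBootEvent = @($events)[0]
    }
}

Get-BitLockerPcr7Diagnostics | Format-List
```

Running it on a healthy server and on an affected one, then diffing the two Format-List outputs, isolates which of the listed settings actually differs.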