Having issues just getting the drive to encrypt from a TS. This is on an Dell Optiplex 760 & using windows update driver for TPM 1.2.
AD schema is extended etc to accept key store & recovery
On 760 manually Dell OMCI installed Configure BIOS settings including setting BIOS password Turn on TPM in BIOS
(Powershell for dell OMCI (gwmi DCIM_BIOSService -namespace root\dcim\sysman).SetBIOSAttributes($null,$null,"Trusted Platform Module","1","BIOSPW")
reboot Enable TPM in BIOS
(powershell for OMCI (gwmi DCIM_BIOSService -namespace root\dcim\sysman).SetBIOSAttributes($null,$null,"Trusted Platform Module Activation","2","BIOSPW")
reboot Prep Drive for Bitlocker
(%windir%\system32\bdeHdCfg.exe -target default -size 300 -quiet)
Task Sequence Run Enable Bitlocker TS
(OSDBitLocker.exe /enable /wait:False /mode:TPM /pwd:AD)
I get the following error
'IsEndorsementKeyPairPresent' failed (2150105095)
TPM cannot be enabled without physical presence
Failed to run the action: Enable BitLocker.
Unspecified error (Error: 80004005; Source: Windows)
once the i know the enable works ill go back to TS'ing the lot but at present the last stage dosent work. i dont think playing with legacy hardware without windows 7 drivers is helping but TPM.msc says that TPM is OK & ready to initialize after the manual steps.
<message edited by chiners_68 on Wednesday, May 02, 2012 11:58 AM>