Hello,
I'm running into an issue with using BitLocker during OSD on a particular Samsung model. According to the SMSTS.log the provision BitLocker step fails to detect an Active TPM. I do not have this issue with any of our Dells or Lenovo's. So far it's just this Samsung model.
After the task sequence completes I am able to manually kick off encryption after I reboot the machine. The reboot seems to be needed to take ownership of the TPM. After the restart and encrypt the keys show up in Active Directory and MBAM. According to the BIOS the TPM is active.
Model: 900X3G BIOS: America Megatrends Inc. BIOS Version: P05ADU.025.140523.PS TPM Maker: IFX v. 3.19
Troubleshooting:
Verified the disk partitions. 350 BDEDrive & 100% of remaining space for the OSDrive
Verified the TPM driver is installed through the driver package. It shows up as a 1.2
I used a vanilla and MDT tasks sequence. It's my understanding they use different utilities to kick off BitLocker.
I moved the "enable bitlocker" step around the task sequence
Added a run command line "manage-bde.exe -on c:" at the end of the TS
Has anyone else run into a model that will just *not* work during OSD?
Thanks
-Nick