Jump to content


impulse101

Pre-Provisioning Bitlocker fails because encryption not fast enough

Recommended Posts

the wait command they are referring to is to add a timer (sleep for 60 seconds) step, like this , create a run command line step called Sleep 60 seconds and type the following in the run command line step

CMD.exe /c PING –n 61 127.0.0.1 

please this step before the Apply Operating system step and after the Pre Provision bitlocker step.

 

does that help ?

Share this post


Link to post
Share on other sites

Yeah, i assumed that must be where it should go, I already have a 90 second wait at that stage in the TS....

 

It makes no difference though, the Bitlocker pre-provision step succeeds (well i think it does, the TS doesnt bomb out), but fails at the enable bitlocker step.

 

Other laptops (also Lenovo) running the the same task sequence are succeeding and have been since we started using bitlocker, so I don't think the problem lies there. But this eval device we have been sent, with the same tpm settings always fails and the only real difference i think is the SSD.

 

Any other ideas Niall?

 

While waiting for a response i will try flashing the BIOS to rule it out, but I am confident thats not going to make any difference.

 

Thanks.

Share this post


Link to post
Share on other sites

well what errors are you seeing in the enable bitlocker step ? have you tried adding a pause command to the ts directly after the pre-provision bitlocker step then open a cmd prompt and issue

manage-bde -status 

and wait till it's 100% then unpause and let it continue, does it continue ok or still fail, that's what we need to know...

Share this post


Link to post
Share on other sites

Size: 233.36 GB

BitLocker Version: 2.0

Conversion Status: Used Space Only Encrypted

Percentage Encrypted: 100%

Encryption Method: AES 128

Protection Status: Protection Off

Lock Status: Unlocked

Identification Field: Unknown

Automatic Unlock: Disabled

Key Protectors: None Found


I ran the command within about 5 seconds of the wait command running, with the above - 100% encrypted, so that does not seem to be the issue (although i am confused as to why this would be an issue for anyone, surely the HDD is almost empty at this stage in a TS - isnt that the WHOLE reason why you PRE-provision?? So when the WIM is being applied, the data is already encrypted and so there is nothing to wait for?).

Share this post


Link to post
Share on other sites

Well this is annoying!!!!

 

It is now working. No changes to the TS were made except to add the 90 second delay (just a ping), which caused a number of failures on this device, but now it runs through fine.

 

Could this have been an AD issue in my case, and in no way related to the issues other users are experiencing?

 

If there were better logs for the bitlocker steps in the TS, this would be much easier.....

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.