WAZZIE Posted August 26, 2015 Report post Posted August 26, 2015 Hi All, Recently I have been trying to bit locker devices during OSD on a 2008r2 domain, with sccm 2012 r2 sp1. the schema has been checked and is correct (the 5 entries are present) CN=ms-FVE-KeyPackage – attributeSchema object CN=ms-FVE-RecoveryGuid – attributeSchema object CN=ms-FVE-RecoveryInformation – classSchema object CN=ms-FVE-RecoveryPassword – attributeSchema object CN=ms-FVE-VolumeGuid – attributeSchema object CN=ms-TPM-OwnerInformation – attributeSchema object The ad DC's have the bitlocker tools installed, and I can see the 'bitlocker recovery key' tab for a device in ADUC. I have a AD GPO in place on an OU where the device exists in AD But my task sequence fails at the ENABLE BITLOCKER stage towards the end of the TS. The TS was created by sccm wizard, nothing special in it as yet. If I disable the DISABLE BITLOCKER, PREPROVISION BITLOCKER and ENABLED BITLOCKER steps in the TS and build the device, then enable bitlocker manually logged on to the device, it works and saves the key to AD, I am obviously missing something here, anyone know where I should look in the logs... The device is uefi and has secureboot enabled The OS is Windows 81 x32 Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted August 26, 2015 Report post Posted August 26, 2015 But my task sequence fails at the ENABLE BITLOCKER stage towards the end of the TS. with what error ? Quote Share this post Link to post Share on other sites More sharing options...
WAZZIE Posted August 26, 2015 Report post Posted August 26, 2015 I am not as work at present and don't have it handy, however i think it was a 0x80004005 I will confirm tomorrow if that's ok niall. with a bit more info. Quote Share this post Link to post Share on other sites More sharing options...
