Enabling Bitlocker for WIN7x64 whith recovery key on network share and startup key on USB Drive

[gaurav ranjan]

Hi,

I have to enable bitlocker on a WIN7x64 machine during the OSD through SCCM. I have successfully completed the scenario for a WIN7x86 machine using the manage-bde command.

For the scenario, I have configured the group policies and the UNC path for the recovery key. I have to generate the startup key on the flash drive.

Group policies which i had configured are:-

1. computer configuration>>windows component>>bitlocker drive encryption and enabled the policy choose default folder for bitlocker recovery with a network location.

2. computer configuration>>windows component>>bitlocker drive encryption and enabled the policy choose how users can recover bitlocker-protected drives.

3. computer configuration>>windows component>>bitlocker drive encryption>>operating system drives and enabled the policy with settings

checked allow bitlocker without a compatible TPM and changes the rest of the options to donot allow TPM

Now main thing is that during OSD my task sequence fails with an error 8031005B during enabling bitlocker step.

I am using C:\Windows\System32\manage-bde.exe -on C: -rk <network location> -sk <USB_Drive_letter>: -s -rp as to enable bitlocker in my SCCM TS(run command line).

I have also checked the disable 64-bit file system re-direction.

What else I am missing. It's been a pain in my head for the last 3 days.

Do inform me if any more information needed by my side.

NOTE:-recovery key will be on network share, i have to implement bitlocker during OSD(WIN7x64) with SCCM.

 

Few posts on Bitlocker by myself on Technet:-

 

http://social.techne...62-0130c9720455

 

http://social.techne...25-4e36500bac48

 

http://social.techne...6-ebfc9b137247/

 

=====================================================================================================

Thanks

Gaurav Ranjan