Jump to content


Ente

OSD fails on Bitlocker (0x8007054B)

By Ente, in Configuration Manager 2007

Recommended Posts

Ente Newbie

Ente

Posted
Posted

I have a new issue when deploying Win7 to devices in my environment. The task sequence fails on enabling Bitlocker stating that it can't take ownership of TPM. This has been working fine up until this week.

 

<![LOG[==============================[ OSDBitLocker.exe ]==============================]LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="1" thread="2908" file="main.cpp:608">
<![LOG[Command line: "OSDBitLocker.exe" /enable /wait:False /mode:TPM /pwd:AD]LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="1" thread="2908" file="main.cpp:609">
<![LOG[initialized COM]LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="main.cpp:632">
<![LOG[Command line for extension .exe is "%1" %*]LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="commandline.cpp:229">
<![LOG[set command line: "OSDBitLocker.exe" /enable /wait:False /mode:TPM /pwd:AD]LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="commandline.cpp:707">
<![LOG[Target volume not specified, using current OS volume]LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="main.cpp:522">
<![LOG[Current OS volume is 'C:']LOG]!><time="13:58:56.806+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="main.cpp:524">
<![LOG[succeeded loading resource DLL 'C:\Windows\SysWOW64\CCM\1033\TSRES.DLL']LOG]!><time="13:58:56.931+300" date="10-18-2012" component="OSDBitLocker" context="" type="1" thread="2908" file="util.cpp:869">
<![LOG[Protection is OFF]LOG]!><time="13:58:56.962+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="bitlocker.cpp:1385">
<![LOG[Volume is fully decrypted]LOG]!><time="13:58:56.977+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="bitlocker.cpp:1392">
<![LOG[Tpm is enabled]LOG]!><time="13:58:58.023+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:161">
<![LOG[Tpm is activated]LOG]!><time="13:58:58.085+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:166">
<![LOG[Tpm is not owned]LOG]!><time="13:58:58.147+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:171">
<![LOG[Tpm ownership is allowed]LOG]!><time="13:58:58.210+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:176">
<![LOG[uStatus == 0, HRESULT=80280012 (e:\nts_sms_fre\sms\framework\tscore\tpm.cpp,503)]LOG]!><time="13:58:58.350+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:503">
<![LOG['IsSrkAuthCompatible' failed (2150105106)]LOG]!><time="13:58:58.350+300" date="10-18-2012" component="OSDBitLocker" context="" type="3" thread="2908" file="tpm.cpp:503">
<![LOG[Tpm does not have compatible SRK]LOG]!><time="13:58:58.350+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:180">
<![LOG[Tpm has EK pair]LOG]!><time="13:58:58.491+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:184">
<![LOG[initial TPM state: 39]LOG]!><time="13:58:58.491+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="bitlocker.cpp:410">
<![LOG[Creating TPM owner authorization value]LOG]!><time="13:58:58.491+300" date="10-18-2012" component="OSDBitLocker" context="" type="1" thread="2908" file="bitlocker.cpp:441">
<![LOG[succeeded loading resource DLL 'C:\Windows\SysWOW64\CCM\1033\TSRES.DLL']LOG]!><time="13:58:58.491+300" date="10-18-2012" component="OSDBitLocker" context="" type="1" thread="2908" file="util.cpp:869">
<![LOG[Taking ownership of TPM]LOG]!><time="13:58:58.522+300" date="10-18-2012" component="OSDBitLocker" context="" type="1" thread="2908" file="bitlocker.cpp:475">
<![LOG[uStatus == 0, HRESULT=8007054b (e:\nts_sms_fre\sms\framework\tscore\tpm.cpp,645)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="tpm.cpp:645">
<![LOG['TakeOwnership' failed (2147943755)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="3" thread="2908" file="tpm.cpp:645">
<![LOG[pTpm->TakeOwnership( sOwnerAuth ), HRESULT=8007054b (e:\nts_sms_fre\sms\client\osdeployment\bitlocker\bitlocker.cpp,480)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="bitlocker.cpp:480">
<![LOG[Failed to take ownership of TPM. Ensure that Active Directory permissions are properly configured
The specified domain either does not exist or could not be contacted. (Error: 8007054B; Source: Windows)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="3" thread="2908" file="bitlocker.cpp:480">
<![LOG[initializeTpm(), HRESULT=8007054b (e:\nts_sms_fre\sms\client\osdeployment\bitlocker\bitlocker.cpp,1191)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="bitlocker.cpp:1191">
<![LOG[ConfigureKeyProtection( keyMode, pwdMode, pszStartupKeyVolume ), HRESULT=8007054b (e:\nts_sms_fre\sms\client\osdeployment\bitlocker\bitlocker.cpp,1396)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="bitlocker.cpp:1396">
<![LOG[pBitLocker->Enable( argInfo.keyMode, argInfo.passwordMode, argInfo.sStartupKeyVolume, argInfo.bWait ), HRESULT=8007054b (e:\nts_sms_fre\sms\client\osdeployment\bitlocker\main.cpp,650)]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="OSDBitLocker" context="" type="0" thread="2908" file="main.cpp:650">
<![LOG[Process completed with exit code 2147943755]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="TSManager" context="" type="1" thread="2676" file="commandline.cpp:1102">
<![LOG[!--------------------------------------------------------------------------------------------!]LOG]!><time="13:59:00.971+300" date="10-18-2012" component="TSManager" context="" type="1" thread="2676" file="instruction.cxx:3010">
<![LOG[Failed to run the action: Enable BitLocker.
The specified domain either does not exist or could not be contacted. (Error: 8007054B; Source: Windows)]LOG]!><time="13:59:00.987+300" date="10-18-2012" component="TSManager" context="" type="3" thread="2676" file="instruction.cxx:3101">
<![LOG[sending status message . . .]LOG]!><time="13:59:00.987+300" date="10-18-2012" component="TSManager" context="" type="1" thread="2676" file="utility.cxx:292">
<![LOG[send a task execution status message SMS_TSExecution_ActionFailError]LOG]!><time="13:59:00.987+300" date="10-18-2012" component="TSManager" context="" type="1" thread="2676" file="utility.cxx:314">

Share this post

Link to post
Share on other sites
anyweb Proficient

anyweb

Posted
Posted

did you post this on technet as well? , the reason for your bitlocker failure is because it cannot communicate with your domain controller, fix that issue first and you'll be good to go

 

The specified domain either does not exist or could not be contacted.

Share this post

Link to post
Share on other sites
Ente Newbie

Ente

Posted
Posted

did you post this on technet as well? , the reason for your bitlocker failure is because it cannot communicate with your domain controller, fix that issue first and you'll be good to go

 

I understand by looking at the logs that my computer cannot communicate with the DC, but why is that suddenly an issue and where do I find the cause? What can I test or where can I look?

Share this post

Link to post
Share on other sites
Ente Newbie

Ente

Posted
Posted

Its hard to say what we did to resolve this, but I recently added a step to our imaging task sequences that joins the domain just before Bitlocker is enabled. It could be that the TPM needed a full reset on a few devices that were throwing this error code. I'll keep you posted on any future issues.

Share this post

Link to post
Share on other sites
polujic Newbie

polujic

Posted
Posted

Im Running a SCCM 2007 SP2

Trying to enable Bitlocker on a Lenovo T510i

 

 

SMSLOG

 

Error During TPM Owner clear

 

!--------------------------------------------------------------------------------------------! TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Failed to run the action: TPM Ownership.

Unknown error (Error: FFFFFFFF; Source: Unknown) TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Sending status message . . . TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Send a task execution status message SMS_TSExecution_ActionFailError TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

MP server SS02034.DOmain and port 80. SSL=false. CRL=false. TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Site code: SO1 TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Client machine name: sSC02034 TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Client Identity: GUID:12BC30F5-309D-471E-AE98-DE69BC86133F TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Advertisement ID: SO120335 TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Package ID: SO100118 TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Sending StatusMessage TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Formatted header: TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>5c58f0ca-6a21-4311-8fe6-d5b197192d66</SourceID><SourceHost/><TargetAddress>mp:[http]MP_StatusManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2012-11-29T09:31:58Z</SentTime><Protocol>http</Protocol><Body Type="ByteRange" Offset="0" Length="3224"/><Hooks/><Payload Type="inline"/><TargetHost/><TargetEndpoint>StatusReceiver</TargetEndpoint><ReplyMode>Sync</ReplyMode><CorrelationID/></Msg>

TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

CLibSMSMessageWinHttpTransport::Send: URL: sSC02034 .Domain.com:80 CCM_POST /ccm_system/request TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

The request has succeeded. 200 OK TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Set a global environment variable _SMSTSLastActionRetCode=-1 TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Clear local default environment TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

The execution engine ignored the failure of the action (TPM Ownership) and continues execution TSManager 29.11.2012 10:31:58 2604 (0x0A2C)

Share this post

Link to post
Share on other sites
polujic Newbie

polujic

Posted
Posted

Error During TPM Activation

 

CreateProcessAsUser failed. Code(0x80070002) InstallSoftware 29.11.2012 10:33:31 2456 (0x0998)

Command line execution failed (80070002) InstallSoftware 29.11.2012 10:33:31 2456 (0x0998)

clCommandLine.Execute( uOptions, pszWorkingDir, lpDesktop ), HRESULT=80070002 (e:\nts_sms_fre\sms\client\osdeployment\installsoftware\runcommandline.cpp,558) InstallSoftware 29.11.2012 10:33:31 2456 (0x0998)

Failed to execute command line 'C:\Windows\System32\manage-bde.exe -tpm -t' .

Unknown error (Error: 80070002; Source: Unknown) InstallSoftware 29.11.2012 10:33:31 2456 (0x0998)

cmd.Execute(pszPkgID, sProgramName, dwCmdLineExitCode), HRESULT=80070002 (e:\nts_sms_fre\sms\client\osdeployment\installsoftware\main.cpp,385) InstallSoftware 29.11.2012 10:33:31 2456 (0x0998)

Install Software failed to run command line, hr=0x80070002 InstallSoftware 29.11.2012 10:33:31 2456 (0x0998)

Process completed with exit code 2147942402 TSManager 29.11.2012 10:33:31 1856 (0x0740)

!--------------------------------------------------------------------------------------------! TSManager 29.11.2012 10:33:31 1856 (0x0740)

Failed to run the action: TPM Activation.

Unknown error (Error: 80070002; Source: Unknown) TSManager 29.11.2012 10:33:31 1856 (0x0740)

Sending status message . . . TSManager 29.11.2012 10:33:31 1856 (0x0740)

Send a task execution status message SMS_TSExecution_ActionFailError TSManager 29.11.2012 10:33:31 1856 (0x0740)

MP server SS02034.DOmain.com and port 80. SSL=false. CRL=false. TSManager 29.11.2012 10:33:31 1856 (0x0740)

Site code: SO1 TSManager 29.11.2012 10:33:31 1856 (0x0740)

Client machine name: SS02034 TSManager 29.11.2012 10:33:31 1856 (0x0740)

Client Identity: GUID:12fbrth64F5-309D-471E-AE98-D56546C86133F TSManager 29.11.2012 10:33:31 1856 (0x0740)

Advertisement ID: SS02034 TSManager 29.11.2012 10:33:31 1856 (0x0740)

Package ID: SO1118 TSManager 29.11.2012 10:33:31 1856 (0x0740)

Sending StatusMessage TSManager 29.11.2012 10:33:31 1856 (0x0740)

Formatted header: TSManager 29.11.2012 10:33:31 1856 (0x0740)

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.