Bitlocker configuration is setup with tool, but can't turn it on

Discussion in 'Windows Vista Security' started by blunz, Dec 28, 2007.

  1. blunz

    blunz Guest

    I used the "enhancements" tool - first figured out I had to uninstall Norton
    360 to get it to even install. But, even though the tool ran fine and the
    drive config is as desired, when I go to the actual place to turn bitlocker
    on it shows the config as not being ready (although it is). Has anyone else
    run into this? Any idea what's wrong?
     
    blunz, Dec 28, 2007
    #1
    1. Advertisements

  2. blunz

    Jesper Guest

    What is the BitLocker control panel saying needs to be done to your computer?
    Are you sure you have a TPM chip in this computer?
     
    Jesper, Dec 30, 2007
    #2
    1. Advertisements

  3. blunz

    blunz Guest

    Yes - my TPM is installed and active - it's management panel too tells me
    that bitlocker is not configured.
    When I go to the control panel to turn on bitlocker it shows the c: drive,
    shows that it is off, and won't let me turn it on.
    It says the computer is not configured, although it is.
     
    blunz, Jan 1, 2008
    #3
  4. blunz

    Jesper Guest

    Do you have a different system volume with all the boot files on it?
     
    Jesper, Jan 1, 2008
    #4
  5. blunz

    blunz Guest

    It created the s: drive like it was supposed to with all the files on it -
    don't understand what the issue could be. Does the s: drive have to reside on
    the drive before the c: drive. It's located after the c:, but it shouldn't
    matter.
     
    blunz, Jan 1, 2008
    #5
  6. blunz

    Jesper Guest

    No, where the s: drive resides does not matter. However, it has to have all
    the boot files and it has to be the active volume before BitLocker will
    enable. Make sure you have done all the steps in this article:
    http://msinfluentials.com/blogs/jes...-to-BitLocker-an-existing-computer_3F00_.aspx.
    I wrote that before the BitLocker prep tool came out. It is supposed to do
    all that for you, but the article should help you figure out that everything
    has been done.
     
    Jesper, Jan 2, 2008
    #6
  7. you might also try using manage-bde.wsf to turn it on rather than the
    UI....it has better error details.


    josh
    http://windowsconnected.com
     
    Josh Phillips, Jan 9, 2008
    #7
  8. blunz

    blunz Guest

    Tried this - here's what it says - an error occurred while connecting to the
    BitLocker management interface.
    Seems to suggest that bitlocker never properly installed.
     
    blunz, Jan 9, 2008
    #8
  9. blunz

    Jesper Guest

    Are you sure you are running this command as an administrator? Here is a
    thread where Jamie Hunter from the BitLocker team is troubleshooting the same
    error:
    http://help.wugnet.com/vista/ftopic-13981-16-days0-orderasc-.html. There
    were a number of things that coudl cause this problem:
    1. Not running the command as an admin
    2. Not having a compatible TPM
    3. The TPM being disabled in the BIOS (it is on many computers)
    4. The TPM or BitLocker services not being started.
    5. A TPM reporting as a 1.2 TPM when in fact it is a 1.1 TPM.

    Follow the steps in that thread and see if any of those can be the problem
    with your setup.
     
    Jesper, Jan 9, 2008
    #9
  10. blunz

    blunz Guest

    The other thread seems to be spot-on - it leaves me in the same place with a
    "TPM" problem, although I know I have a 1.2 version on the machine, active
    and working.
    Here's the error code I get now:
    There was an error while trying to protect the volume with a TPM. (code
    0x80070005) permission denied
     
    blunz, Jan 9, 2008
    #10
  11. blunz

    Jesper Guest

    Try reinitializing the TPM on your computer completely. Each time we have
    seen this error in the past it has meant either that the TPM incorrectly
    reports itself as being 1.2 compatible, that it has been improperly
    initialized or is locked, or the BIOS does not correctly present the TPM to
    the OS.

    I would take these steps:
    1. Try completely reinitializing the TPM, wiping all existing data
    2. If that does not work, look for a new BIOS for the motherboard
    3. Ensure that you have the right set of TPM drivers
    4. If that does not work verify with the motherboard vendor that the TPM
    really is fully 1.2 compliant.
     
    Jesper, Jan 9, 2008
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.