Archive for August 5th, 2012

BitLocker & BIOS Boot Order

One of the “gotchas” of BitLocker security is that not having the hard drive first in the BIOS boot order can cause BitLocker's protection to kick in, requiring manual entry of the 48-character key upon the next system restart.  This can be frustrating for users, especially when they are travelling and unable to reach the help desk.  So, during an OS deployment, make the effort to change the boot order in BIOS.

To do this with HP

  • Obtain the BIOSConfigUtility in the Systems Software Manager
  • Create a text file named “BootOrder.REPSET”.  The text file contains the content below.  Note that I found it is necessary to define two devices to modify the boot order.

        English
        Boot Order
             Hard Drive(C:)
             Notebook Upgrade Bay

  • Run the command:

        BiosConfigUtility.EXE /SetConfig:BootOrder.REPSET

To do this with Dell

cctk.exe bootorder --sequence=hdd

If you find that you did not do this during the initial deployment of the OS, never fear, SCCM is here!  Using task sequences, you can automate setting the hard drive first in the boot order and re-sealing the TPM by performing the following steps:

  1. Suspend BitLocker protection
  2. Reconfigure the boot order (for HP or Dell)
  3. Restart Windows
  4. Resume BitLocker protection
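
The four steps above as a script that a task sequence could call twice, once before and once after its restart step. This is an added example, not code from the original post. It assumes C: is the OS volume, that the vendor tool and BootOrder.REPSET sit in the script's folder, and that each tool exits with 0 on success; the -Phase parameter and the Invoke-Tool helper are names made up for this example.

```powershell
# Added example (not from the original post).
# -Phase Prepare : steps 1-2 (suspend BitLocker, set hard drive first in boot order)
# -Phase Resume  : step 4, run after the task sequence's restart step (step 3)
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet('Prepare', 'Resume')]
    [string]$Phase,
    [string]$Volume  = 'C:',           # assumption: OS volume
    [string]$ToolDir = $PSScriptRoot   # assumption: tools live beside this script
)

# Hypothetical helper: run a native tool and fail on a non-zero exit code.
function Invoke-Tool {
    param([string]$Exe, [string[]]$Arguments)
    & $Exe @Arguments | Out-Host
    if ($LASTEXITCODE -ne 0) { throw "$Exe exited with code $LASTEXITCODE" }
}

if ($Phase -eq 'Resume') {
    # Re-enabling the protectors re-seals the key to the TPM with the new boot order.
    Invoke-Tool 'manage-bde.exe' @('-protectors', '-enable', $Volume)
    return
}

$maker = (Get-CimInstance Win32_ComputerSystem).Manufacturer
Invoke-Tool 'manage-bde.exe' @('-protectors', '-disable', $Volume)
try {
    switch -Regex ($maker) {
        'Hewlett-Packard|^HP' {
            # The HP utility is run from its own folder so it finds the REPSET file.
            Push-Location $ToolDir
            try     { Invoke-Tool '.\BiosConfigUtility.EXE' @('/SetConfig:BootOrder.REPSET') }
            finally { Pop-Location }
        }
        'Dell' {
            Invoke-Tool (Join-Path $ToolDir 'cctk.exe') @('bootorder', '--sequence=hdd')
        }
        default { throw "No boot-order tool defined for manufacturer '$maker'" }
    }
}
catch {
    # The BIOS change did not succeed: do not leave the volume
    # with its protectors suspended.
    Invoke-Tool 'manage-bde.exe' @('-protectors', '-enable', $Volume)
    throw
}
```

If the Prepare phase fails, the task sequence should stop rather than continue to the restart, since the boot order was not changed.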
