I have nearly everything working for my BitLocker enabling.

I have my BIOS PW being set, the TPM chip being turned on and activated, and I have BitLocker encrypting the drive as long as the TPM chip ownership has been set.

This means that if I am redeploying a computer (where the TPM ownership is already set) it works perfectly.

But it fails when I deploy to a brand new PC; the TPM chip is the sticking point because I need to take ownership of it.

I am trying a very basic script now as a test:
manage-bde -tpm -TurnOn
manage-bde -tpm -TakeOwnership PASSWORD
manage-bde -on C: -RecoveryPassword -SkipHardwareTest

I had been reading into it and was trying with PowerShell but was so far unsuccessful, and so I am falling back to the manage-bde method as that works well for turning on BitLocker from my experience so far.

So, does anyone have experience with this and have some sample scripts?


Ok, so with Windows 10 I need to use PowerShell.
Answered 04/11/2017 by: Vivalo
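
The three manage-bde steps from the question, expressed with the TrustedPlatformModule and BitLocker PowerShell cmdlets; this is an added example, not code from the original thread. It assumes an elevated session on Windows 10 with the TPM already switched on in firmware, and the function name Enable-OsDriveBitLocker is hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example. Enable-OsDriveBitLocker is a hypothetical name; the cmdlets it calls ship with Windows 10.
function Enable-OsDriveBitLocker {
    param([string]$MountPoint = $env:SystemDrive)

    $tpm = Get-Tpm
    if (-not $tpm.TpmPresent) {
        throw 'No TPM detected; it must be enabled in firmware before BitLocker can use it.'
    }

    # Provision the TPM if Windows has not done so yet.
    # This takes the place of "manage-bde -tpm -TurnOn" and "-TakeOwnership".
    if (-not $tpm.TpmReady) {
        $init = Initialize-Tpm
        if ($init.RestartRequired -or $init.ShutdownRequired) {
            Write-Warning 'TPM provisioning needs a restart or shutdown; rerun this step afterwards.'
            return $null
        }
        if ($init.ClearRequired) {
            throw 'TPM must be cleared before it can be provisioned; not clearing it automatically.'
        }
        if (-not (Get-Tpm).TpmReady) {
            throw 'TPM is still not ready after Initialize-Tpm.'
        }
    }

    # Leave volumes alone that are already encrypted or mid-conversion (the redeploy case).
    $volume = Get-BitLockerVolume -MountPoint $MountPoint
    if ($volume.VolumeStatus -ne 'FullyDecrypted') {
        Write-Warning "$MountPoint is in state $($volume.VolumeStatus); nothing changed."
        return $volume
    }

    # TPM protector first, then a recovery password, matching "-on C: -RecoveryPassword".
    Enable-BitLocker -MountPoint $MountPoint -TpmProtector -SkipHardwareTest -ErrorAction Stop | Out-Null
    Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector -ErrorAction Stop | Out-Null

    # Verify that both protectors are actually present before reporting success.
    $volume = Get-BitLockerVolume -MountPoint $MountPoint
    foreach ($required in 'Tpm', 'RecoveryPassword') {
        if ($volume.KeyProtector.KeyProtectorType -notcontains $required) {
            throw "Expected key protector '$required' is missing on $MountPoint."
        }
    }
    return $volume
}

Enable-OsDriveBitLocker | Format-List MountPoint, VolumeStatus, ProtectionStatus, EncryptionPercentage
```

The recovery password exists only on the volume until it is escrowed, for example with Backup-BitLockerKeyProtector on a domain-joined machine, so do that before the PC leaves staging.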