I have nearly everything working for my BitLocker enabling.

I have my BIOS PW being set, the TPM chip being turned on and activated and i have BitLocker encrypting the drive as long as the TPM chip ownership has been set.

This means that if I am redeploying a computer (where the TPM ownership is already set) it works perfectly.

But it fails when I deploy to a brand new PC, the TPM chip is the sticking point because I need to take ownership of it.

I am trying a very basic script now as a test:
manage-bde -tpm -TurnOn
manage-bde -tpm -TakeOwnership PASSWORD
manage-bde -on C: -RecoveryPassword -SkipHardwareTest

I had been reading into it and was trying with powershell but was so far unsuccessful and so I am falling back to the manage-bde method as that works well for turning on bitlocker from my experience so far. 

So, does anyone have experience with this and have some sample scripts?
0 Comments   [ + ] Show Comments


Please log in to comment


Ok, so with Windows 10 I need to use powershell.
Answered 04/11/2017 by: Vivalo
Yellow Belt

Please log in to comment
Answer this question or Comment on this question for clarity
Admin Script Editor
Admin Script Editor is an integrated scripting environment available free here at ITNinja