From d2b8783ca31759791a0553fc4c58d2c9ed28a4f2 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 19 Jan 2018 10:43:03 -0800 Subject: [PATCH 1/2] revised per CSS --- .../bitlocker/bitlocker-group-policy-settings.md | 2 +- .../bitlocker/bitlocker-how-to-enable-network-unlock.md | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/device-security/bitlocker/bitlocker-group-policy-settings.md b/windows/device-security/bitlocker/bitlocker-group-policy-settings.md index 3982df4fb6..1a5ccc63f1 100644 --- a/windows/device-security/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/device-security/bitlocker/bitlocker-group-policy-settings.md @@ -1856,7 +1856,7 @@ This policy controls how BitLocker-enabled system volumes are handled in conjunc

Conflicts

-

If the Configure TPM platform validation profile for native UEFI firmware configurations Group Policy setting is enabled and PCR 7 is omitted, BitLocker is prevented from using Secure Boot for platform or BCD integrity validation.

+

If you enable**Allow Secure Boot for integrity validation**, make sure the Configure TPM platform validation profile for native UEFI firmware configurations Group Policy setting is not enabled or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.

For more information about PCR 7, see [Platform Configuration Register (PCR)](#bkmk-pcr) in this topic.

diff --git a/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock.md index 247cea5fb2..c292812427 100644 --- a/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/device-security/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -335,6 +335,7 @@ Files to gather when troubleshooting BitLocker Network Unlock include: ## Configure Network Unlock Group Policy settings on earlier versions Network Unlock and the accompanying Group Policy settings were introduced in Windows Server 2012 but can be deployed using operating systems running Windows Server 2008 R2 and Windows Server 2008. + **Requirements** - The server hosting WDS must be running any of the server operating systems designated in the **Applies To** list at the beginning of this topic. From c3259e399d5c5f4ba6ef5162120cd8f0db9d42c0 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 19 Jan 2018 10:44:44 -0800 Subject: [PATCH 2/2] revised per CSS --- .../bitlocker/bitlocker-group-policy-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/device-security/bitlocker/bitlocker-group-policy-settings.md b/windows/device-security/bitlocker/bitlocker-group-policy-settings.md index 1a5ccc63f1..41f2b07751 100644 --- a/windows/device-security/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/device-security/bitlocker/bitlocker-group-policy-settings.md @@ -1856,7 +1856,7 @@ This policy controls how BitLocker-enabled system volumes are handled in conjunc

Conflicts

-

If you enable**Allow Secure Boot for integrity validation**, make sure the Configure TPM platform validation profile for native UEFI firmware configurations Group Policy setting is not enabled or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.

+

If you enable **Allow Secure Boot for integrity validation**, make sure the Configure TPM platform validation profile for native UEFI firmware configurations Group Policy setting is not enabled or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.

For more information about PCR 7, see [Platform Configuration Register (PCR)](#bkmk-pcr) in this topic.