deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 02:43:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' into v-smandalika-BL-noencTPM-4491111

Browse Source
This commit is contained in:
Meghana Athavale
2022-05-16 18:18:18 +05:30
committed by GitHub
parent 6a9ead5e4f 56f7803ff8
commit 82f16bad3a
4892 changed files with 134254 additions and 340907 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md
View File

@ -2,12 +2,12 @@
title: BitLocker cannot encrypt a drive known TPM issues
description: Provides guidance for troubleshooting known issues that may prevent BitLocker Drive Encryption from encrypting a drive, and that you can attribute to the TPM
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker
@ -64,7 +64,7 @@ To resolve this issue, disable and re-enable the TPM. To do this, follow these s
3. Restart the device, and change the BIOS configuration to enable the TPM.
4. Restart the device, and return to the TPM management console.
If you still cannot prepare the TPM, clear the existing TPM keys. To do this, follow the instructions in [Troubleshoot the TPM: Clear all the keys from the TPM](https://docs.microsoft.com/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm#clear-all-the-keys-from-the-tpm).
If you still cannot prepare the TPM, clear the existing TPM keys. To do this, follow the instructions in [Troubleshoot the TPM: Clear all the keys from the TPM](../tpm/initialize-and-configure-ownership-of-the-tpm.md#clear-all-the-keys-from-the-tpm).
> [!WARNING]
> Clearing the TPM can cause data loss.
@ -115,7 +115,7 @@ The domain and forest functional level of the environment may still be set to Wi
To resolve this issue, follow these steps:
1. Upgrade the functional level of the domain and forest to Windows Server 2012 R2.
2. Download [Add-TPMSelfWriteACE.vbs](https://go.microsoft.com/fwlink/p/?LinkId=167133).
2. Download [Add-TPMSelfWriteACE.vbs](/samples/browse/?redirectedfrom=TechNet-Gallery).
3. In the script, modify the value of **strPathToDomain** to your domain name.
4. Open an elevated PowerShell window, and run the following command:
@ -127,5 +127,5 @@ To resolve this issue, follow these steps:
For more information, see the following articles:
- [Back up the TPM recovery information to AD DS](https://docs.microsoft.com/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds)
- [Prepare your organization for BitLocker: Planning and policies](https://docs.microsoft.com/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies)
- [Back up the TPM recovery information to AD DS](../tpm/backup-tpm-recovery-information-to-ad-ds.md)
- [Prepare your organization for BitLocker: Planning and policies](./prepare-your-organization-for-bitlocker-planning-and-policies.md)