I am trying to upgrade BIOS using SMS (ConfigMgr/SCCM 2007). It appears the bitlocker is triggered after the BIOS has been upgraded. The process runs with the system account. Is this by design? Thanks.Mayur

Yes, this is by design. http://technet.microsoft.com/en-us/library/ee449438(WS.10).aspx#BKMK_examplesosrec >Upgrading critical early startup components, such as a BIOS upgrade, causing the BIOS measurements to change. If you want to do a firmware or BIOS upgrade using SCCM 2007, do this: 1. Create a task to suspend bitlocker protection >%systemroot%\system32\manage-bde -protectors -disable c: 2. Complete the BIOS/firmware upgrade. 3. Now to enable Bitlocker protection >%systemroot%\system32\manage-bde -protectors -enable c: I hope this helps you.Manoj Sehgal

Thanks. This works. But I think this is a very serious flaw in the OS. It should know the change is being done by an authorized account should not treat it as a threat.Mayur