BitLocker TPM no Forced Reboot
Hi, I am running the BitLocker script to encrypt the primary hard drive. During this process the script checks the status of the TPM for ownership, whether it is activated and enabled. If not, it forces a reboot and prompts you to enable the TPM module at boot-up at the BIOS screen. This is fine and works well. But I would like to stop it from forcing a reboot and prompting next time the machine is restarted. Is this possible? What change would I have to do? Here is part of the script:

General 2 - Main script processing area
'----------------------------------------------------------------------------------------
ConnectTPMProv() 'Connect to the TPM WMI provider
If argProtect = "usb" Then
    ConnectBDEProv() 'Connect to the volume encryption WMI provider
    EvalGPO()
    GetBDEStatus()
Else
    GetTPMStatus() 'Get the current status of the TPM to determine action
    ConnectBDEProv() 'Connect to the volume encryption WMI provider
    'The following If statements cause the script to react differently depending on the TPM state
    If bIsEnabled = "True" and bIsActivated = "True" and bIsOwned = "True" Then
        objlog.writeline "TPM is in a ready state to enable BitLocker."
        If argRO = "1" Then
            objlog.writeline "Change TPM owner password specified on the command line."
            DenTPMPassword
            ChangeOwnerAuth strOldOwnerPassword,strOwnerPassword
            EvalGPO()
            GetBDEStatus()
        Else
            EvalGPO()
            GetBDEStatus()
        End If
    Else
        If bIsEnabled = "True" and bIsActivated = "True" and bIsOwned = "False" Then
            objlog.writeline "TPM ownership is not taken...will take ownership."
            DenTPMPassword
            OwnTPM
            EvalGPO()
            GetBDEStatus()
        Else
            If bIsEnabled = "False" And bIsActivated = "False" and bIsOwned = "False" Then
                objlog.writeline "TPM is not turned on...will Enable and Activate TPM and force a reboot."
                EnableActivateTPM()
            Else
                If bIsEnabled = "False" and bIsActivated = "False" and bIsOwned = "True" Then
                    objlog.writeline "TPM is not turned on...will Enable and Activate TPM and force a reboot."
                    EnableActivateTPM()
                Else
                    If bIsEnabled = "True" and bIsActivated = "False" and bIsOwned = "False" Then
                        objlog.writeline "TPM is turned but not activated...will Activate TPM and force a reboot."
                        EnableActivateTPM()
                    End If
                End If
            End If
        End If
    End If
End If
If strStatusCode = 1 then
    strStatusData = strStatusTPMState & ". " & strStatusTPM & " " & "The volume has a protection status of: " & nProtStatus & ". " & strStatusBDE & ". " & "Script Completed Successfully"
    objLog.writeline strstatusdata
    CreateStatusMIF strStatusData
End if
objlog.writeline "Script ended " & Date & " " & Time
April 24th, 2012 7:54am

Hi, The issue is more related to the Script. You may paste your issue in Scripting Forum: http://social.technet.microsoft.com/Forums/en/ITCG/threads
Kim Zhou
TechNet Community Support
April 25th, 2012 5:38am

Thanks for your reply Kim. I have just been bumped back to this thread section after posting in the script area. This seems to be quite complicated. To explain a bit further: I want to deploy BitLocker to a mass of laptops that have gone out without BitLocker being run. Encrypting the drive isn't the problem. It is enabling the TPM. The script above will do what I want it to do apart from the forced reboot. I don't want that as users might lose work; all I want it to do is enable the TPM on the next bootup after the script has run.
April 25th, 2012 9:13am

This topic is archived. No further replies will be accepted.
