BitLocker Combine Boot PIN with TPM
Hi, I'm running Windows 7 RC on a notebook with a TPM 1.2 chip. Our domain is Windows 2003. I've enabled BitLocker and encrypted the drive. The key is stored in a file on a network drive, not AD. It boots up fine without challenge.

I am in the public sector and our policy is to use a boot PIN combined with drive encryption. I've seen the local GP BitLocker entries and had a go at enabling the combined authentication. It is not asking for a password at boot up, and I can't see where I could set the password or the . I've run gpupdate /force.

Do I need to decrypt and re-encrypt the drive for the PIN option to be applied? Or am I on the wrong track altogether?
May 6th, 2009 2:02pm

Hi Brian, I'm of the opinion that you have to use the manage-bde command if you want to enable BitLocker with a PIN.

Peter
May 22nd, 2009 10:55am

Hello brianmckeon, have you been able to resolve your question? Please let us know.
June 10th, 2009 2:44am

Peter was right. You have to use manage-bde. Here is the command line to enable TPM and Startup PIN, AFTER you've encrypted the drive:

manage-bde -protectors -add %systemdrive% -tpmandpin <PIN>
June 10th, 2009 2:21pm
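
A read-only check for the result this thread is after, added here as an example and not taken from any of the posts: it reports the startup-PIN policy setting and whether the OS volume has a TPM And PIN protector with no TPM-only protector left. It assumes an elevated Windows PowerShell session; the policy registry value name (UseTPMPIN) and the pass criterion in `Compliant` are assumptions of this example.

```powershell
# Added example: audit that the OS volume needs TPM + PIN at boot. Read-only.
# Run from an elevated Windows PowerShell prompt.
$mount = $env:SystemDrive   # e.g. "C:"

# 1. Policy side. Assumption: "Require additional authentication at startup"
#    stores its TPM+PIN choice as UseTPMPIN (0 = do not allow, 1 = require, 2 = allow).
$fve   = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' -ErrorAction SilentlyContinue
$names = @{ 0 = 'disallowed'; 1 = 'required'; 2 = 'allowed' }
$pinPolicy = if ($fve -and $null -ne $fve.UseTPMPIN) { $names[[int]$fve.UseTPMPIN] }
             else { 'not configured' }

# 2. Volume side. Ask the BitLocker WMI provider which protectors exist.
$vol = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftVolumeEncryption' `
        -Class Win32_EncryptableVolume -Filter "DriveLetter='$mount'"
if (-not $vol) { throw "No BitLocker-capable volume found at $mount" }

function Get-ProtectorIds($volume, [int]$type) {
    # KeyProtectorType: 1 = TPM only, 4 = TPM And PIN
    $r = $volume.GetKeyProtectors($type)
    if ($r.ReturnValue -ne 0) {
        throw ("GetKeyProtectors failed: 0x{0:X8}" -f $r.ReturnValue)
    }
    # Drop the $null that comes back when no protector of this type exists
    @($r.VolumeKeyProtectorID | Where-Object { $_ })
}

$tpmOnly = @(Get-ProtectorIds $vol 1)
$tpmPin  = @(Get-ProtectorIds $vol 4)

# 3. Verdict. A TPM-only protector still present means the drive can unlock
#    without any challenge, which is the symptom described in the question.
New-Object PSObject -Property @{
    Volume          = $mount
    PinPolicy       = $pinPolicy
    ProtectionOn    = ($vol.ProtectionStatus -eq 1)   # 1 = protection on
    TpmOnlyCount    = $tpmOnly.Count
    TpmAndPinCount  = $tpmPin.Count
    Compliant       = ($vol.ProtectionStatus -eq 1) -and
                      ($tpmPin.Count -gt 0) -and ($tpmOnly.Count -eq 0)
}
```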

Here is a full example of setting up BitLocker including the configuration of a pre-boot PIN:

How To: Set Up BitLocker Full Disk Encryption + Pre-Boot Pin in Windows 7 Ultimate:
http://allen-conway-dotnet.blogspot.com/2010/01/how-to-set-up-bitlocker-full-disk.html

Thank you,
February 1st, 2010 9:59pm

This topic is archived. No further replies will be accepted.
