BitLocker deadlock

I have a Windows 8.1 build that I intend to capture as a master image for deployment with SCCM.

I tried to SysPrep it.

It says it cannot run sysprep, go and look at setupact.log to see why...when I look in setupact.log it says BitLocker is enabled for the System Volume.  But it is not, we never use BitLocker and I have not enabled it on this build.

I think maybe if I enable BitLocker, and then disable it again, I will get round this, so I try to enable BitLocker and I get "This system does not support entering a recovery key at startup, please ask your administrator to enable Windows Recovery."

I run reagentc /info and sure enough it is not enabled.

I run reagentc /enable I get "Cannot enable Windows Recovery when BitLocker is enabled".

But BitLocker is not enabled, and will not enable. Impasse.

For now, I have flattened and it and will re-image and re-apply my latest updates and changes, but I may get into the same mess tomorrow when I reach the SysPrep stage again.

Is there a way I can convince this system that it doesn't have BitLocker enabled? Or repair WinRe so that I can enable/disable BitLocker (though that itself is a workaround - fixing a problem that doesn't/shouldn't exist.)

Thanks in ad

April 13th, 2015 11:16am

You could try to turn the BitLocker feature on and then back off. Then run the sysprep command again.

Here is a similar situation like you have.

Read the answer by Tim-The-Viking.

https://social.technet.microsoft.com/Forums/windows/en-US/47fabbb8-e609-4084-98a2-0a8b2009565d/sysprep-failure-unable-to-validate-windows-installation-bitlocker?forum=w8itproinstall

Free Windows Admin Tool Kit Click here and download it now
April 13th, 2015 1:17pm

You could try to turn the BitLocker feature on and then back off. Then run the sysprep command again.

Here is a similar situation like you have.

Read the answer by Tim-The-Viking.

https://social.technet.microsoft.com/Forums/windows/en-US/47fabbb8-e609-4084-98a2-0a8b2009565d/sysprep-failure-unable-to-validate-windows-installation-bitlocker?forum=w8itproinstall

April 13th, 2015 5:15pm

You could try to turn the BitLocker feature on and then back off. Then run the sysprep command again.

Here is a similar situation like you have.

Read the answer by Tim-The-Viking.

https://social.technet.microsoft.com/Forums/windows/en-US/47fabbb8-e609-4084-98a2-0a8b2009565d/sysprep-failure-unable-to-validate-windows-installation-bitlocker?forum=w8itproinstall

Free Windows Admin Tool Kit Click here and download it now
April 13th, 2015 5:15pm

Thanks.

I already tried this, and it failed - as my post states.

BitLocker will not turn on because all three of the "save your recovery key.." options come back with error saying "your key could not be saved to that location, try a different one".

So, as I already said, BitLocker thinks it is turned on, but it is not, and you can't turn it on, so you are stuck.

April 14th, 2015 3:50am

I think this is something do with the TPM.

At any rate, I went into the BIOS and cleared the TPM, I also set the options for manage and reset the TPM from the OS.

After setting those I had extra options in the Control Panel/BitLocker tool for managing the TPM; I went in and set a password on it, but didn't do anything else.

Having done that, BitLocker then advertised itself as "Off" (which it had been, all along), and sysprep ran OK.

I can only guess that the TPM was in some partially unconfigured state that confused the system. But I might be wrong.

Free Windows Admin Tool Kit Click here and download it now
April 14th, 2015 6:55am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics