Bitlocker enabled drive, recovery key needed during boot, PCS did not match, event id 24635, source bitlocker-driver
Hi After rebooting one of our test machines, bitlocker wanted the recovery key. There were no hardware modifications on that machine. Error message in event log: Bootmgr failed to obtain the bitlocker volume master key from the TPM because the PCRs did not match Event id 24635, source bitlocker-driver Each time the machine starts, the recovery key is needed. Any idea how to solve that issue and why it happens? update: Second partition was created manually on that machine. So that's clear that bitlocker reacts... But now: how can I confirm those changes so that the recovery key is not needed each time we boot?
July 27th, 2010 2:43pm

Hi, I would like to confirm if BitLocker accepts the recovery key? Please update the BIOS to improve the stability for TPM first. I also would like to suggest you disable and enable BitLocker again to reset the settings. For more information, please refer to the following link: http://technet.microsoft.com/en-us/library/dd835565(WS.10).aspx Regards, Arthur Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
July 28th, 2010 8:26am

Hi, I would like to confirm what is the current situation? If there is anything that I can do for you, please do not hesitate to let me know, and I will be happy to help. Regards, Arthur Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
August 2nd, 2010 4:51am

Hi, It has been a while since my previous suggestions was posted and I'm writing to find out if you have had an opportunity to test my suggestions yet. If you need my further assistance, please do not hesitate to let me know, and I will be happy to help. I look forward to your reply. Regards, Arthur Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
August 4th, 2010 4:26am

Hi sorry for the late reply. Fixed by your solution, thanks a lot for your help!
August 5th, 2010 10:01am

While I'm sure this works, I can't believe this is the only way to fix this issue. There are no BIOS updates available for my Lenovo T520 currently... I've made no systems changes since enabling Bitlocker 3 days ago. It just started prompting me for recovery key after every reboot. So I'm hesitant to even re-enable it again after decrypting the drive. Microsoft really needs to step up with a better solution than just decrypting and encrypting the drive which takes a couple hours for me. Total waste of time.
Free Windows Admin Tool Kit Click here and download it now
July 13th, 2011 4:16pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics