Logon on your Domain Controller first and look at the Operating System version installed. In this blogpost I show you which configuration is needed to find the recovery key. By default however the recovery key cannot be found in Active Directory. In the end of the task sequence "Enable BitLocker" is added, which saves the BitLocker recovery key in Active Directory Domain Services (ADDS). That way the "Pre-provision BitLocker" is added after the "Format and Partition Disk" step. When using BitLocker within ConfigMgr you must select "Configure task sequence for use with BitLocker" during the task sequence wizard. This is a prerequisite BEFORE running the deployment task sequence. This is disabled by default, so no BitLocker by default when using functionality within ConfigMgr. When using BitLocker (used for encryption of data on disks) on endpoints the Trusted Platform Module (TPM) chip must be enabled and activated in BIOS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |