Main Nav

We’re experiencing a very frustrating issue with Microsoft BitLocker on our Dell Latitude E-Series laptops.  The problem is that occasionally and for no discernable reason, the TPM module for the laptop gets disabled in the BIOS.  This causes the system to prompt for a BitLocker Recovery Key at boot, rendering the system useless until the user contacts the help desk.  

 

I’m hoping to compare notes with other institutions that are using TPM with hard drive encryption so we can try to isolate a cause for our problem.  For anyone using hard drive encryption (BitLocker or otherwise) with TPM, would you mind giving me a little info about your deployment and experiences?

·         What laptop make and model do you use?  Approximately how many are in your environment?

·         What hard drive encryption technology are you using?

·         Have you experienced the problem describe above, where the TPM module of the system is disabled for no apparent reason?

·         How long have you had hard drive encryption deployed?

 

If anyone has any recommendations in troubleshooting this issue, I’m eager to hear it.  Thank you for your time and insight.

 

Thanks,

 

Matt Giannetto

Director of IT Security

Montgomery County Community College

mgiannetto@mc3.edu | (215) 619-7442

 

The Internet is a dangerous place.

Be suspicious.  Be aware.  Think security.

www.mc3.edu/security

 


Montgomery County Community College is proud to be designated as an Achieving the Dream Leader College for its commitment to student access and success.

Comments

Message from clementz.7@osu.edu

We have had Bitlocker deployed for a few years now with minimal issues.  On a few very rare occasions, we have had the machine boot and prompt for the code.  When this has happened, I have just re-encrypted the machine and all is well.  Are you deploying chipset software on machines through WSUS that might over wright BIOS information?  We have 60ish deployed with varying models and types.

 

Todd Clementz

Systems Engineer

Knowlton School of Architecture

The Ohio State University

Direct Line: 614.292.8544

Helpdesk: 614.292.8612

Http://Support.knowlton.ohio-state.edu

 

Message from valdis.kletnieks@vt.edu

On Tue, 29 Nov 2011 13:43:46 EST, Matt Giannetto said: > * Have you experienced the problem describe above, where the TPM > module of the system is disabled for no apparent reason? On the Dell E-series, the TPM will drop back into the disabled state if the NVRAM battery is disconnected or dies. And sometimes you need to disconnect the battery to clear up NVRAM corruption. You can see where this is heading...
Message from cthomas@worwic.edu

·         What laptop make and model do you use?  Approximately how many are in your environment? Dell Latitude (100)

·         What hard drive encryption technology are you using? WinMagic SecureDoc

Have you experienced the problem describe above, where the TPM module of the system is disabled for no apparent reason?   The issue you are having with Bitlocker sounds very similar to the issue I had last Spring with our Dell Latitude Series laptops.  I traced my issue back to the use of docking stations and Windows hardware profiles.  I could never find a solution to the issue, so the College purchased a 3rd party encryption program.

·         How long have you had hard drive encryption deployed? Just starting to deploy the encryption software.

 

 

Chuck

 

 

Chuck Thomas

Network Administrator

Wor-Wic Community College

32000 Campus Drive

Salisbury, Maryland 21804

 

Voice: 410.334.2931

Email: cthomas@worwic.edu

Web Site: http://www.worwic.edu