i have a PowerShell script for taking ownership of the tpm, works fine and we have no issues with pre-provision bitlocker on the sp4
you can download it in this package https://www.niallbrady.com/2016/05/17/introducing-the-windows-10-uefi-bitlocker-frontend-for-system-center-configuration-manager-current-branch/mms-2016-windows-10-uefi-bitlocker-hta/ the filename is ChangeTPMOwnership.ps1 and it's in the BitLocker folder On Fri, Sep 23, 2016 at 2:50 PM, Denzik, Josh <[email protected]> wrote: > I am also getting an “already owned” error in the smts log. Mike are you > going anything else to the tpm before the pre-provision step? > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Denzik, Josh > *Sent:* Friday, September 23, 2016 6:42 AM > *To:* [email protected] > *Subject:* Re: [MDT-OSD] Surface Pro 4 Bitlocker Pre-Provisioning > > > > Thanks Mike! Please let me know if you find anything else out. > > > Sent from my iPhone > > > On Sep 22, 2016, at 7:03 PM, Marable, Mike <[email protected]> wrote: > > Josh, > > > > We are able to successfully pre-provision BitLocker but our MBAM config > script fails after installing the MBAM client. If I remember the error > message it is something about MBAM being unable to set the numeric > password. > > > > We get it pre-provisioned fine. The MBAM client installs successfully, > but the MBAM config script (sorry I cannot remember its name) is what fails. > > > > I believe we’re using the SCCM+MDT default partitioning for UEFI as well. > > > > I’ll VPN in later and get the details. Right now I don’t think I’m being > much help. J > > > > Mike > > > > > > > > *From: *<[email protected]> on behalf of "Denzik, Josh" < > [email protected]> > *Reply-To: *"[email protected]" <[email protected]> > *Date: *Thursday, September 22, 2016 at 3:39 PM > *To: *"[email protected]" <[email protected]> > *Subject: *[MDT-OSD] Surface Pro 4 Bitlocker Pre-Provisioning > > > > All, > > > > Has anyone been successful using the pre-provision step on a Surface Pro > 4? We currently use MBAM turn on bitlocker in the task sequence. We have > successfully been able to pre-provision dell and Lenovo machines with uefi > bios. I read that it might have something to do with the size of Windows > RE partition…? Any insight would be helpful. > > > > -Josh > > ********************************************************** > Electronic Mail is not secure, may not be read every day, and should not > be used for urgent or sensitive issues > >
