>Caveat: This only happens on the models that have legacy boot and secure boot separated into two settings in the BIOS. The models that have it all in >one step (i.e. “Legacy boot disabled and SecureBoot enabled”), those do not have the issue at all.
My gut says talk to the vendor about it. It *should* work and does work on other models. On Fri, Jul 28, 2017 at 1:04 PM, nick aquino <nick.aqu...@hotmail.com> wrote: > Hi all, > > Building out a Windows 10 1703 in-place upgrade task sequence for HP > Models running Windows 7. I’ve run into a few issues with these, one of > them being that when I turn on SecureBoot, bitlocker recovery key is > required after I re-enable bitlocker. Here are my steps: > > > > 1. Disable bitlocker > 2. Upgrade Operating system > 1. This reboots on its own > 3. Added another restart to fix an issue with the TS Progress bar > 1. (conditional steps to disable bitlocker if, for some reason, > it’s enabled again) > 4. Restart into WinPE > 5. Convert from MBR to GPT > 6. Configure BIOS with UEFI and Secure Boot > 7. Restart into Default OS > 8. Enable bitlocker > 9. Restart again into Main OS > > > > After Step 9 restarts, we’re presented with the bitlocker recovery > screen. We enter the recovery key, boot up, disable bitlocker, restart, > enable bitlocker and it’s fine. > > > > If I perform all of the same steps but without enabling SecureBoot, we do > not have an issue. As soon as I enable secure boot (even if bitlocker is > disabled before I restart into the firmware), once bitlocker enables, the > recovery key is required upon the next restart. > > > > Caveat: This only happens on the models that have legacy boot and secure > boot separated into two settings in the BIOS. The models that have it all > in one step (i.e. “Legacy boot disabled and SecureBoot enabled”), those do > not have the issue at all. > > > > I hope this write-up makes sense and someone has a workaround. > > > > -Nick- > > > >
