Forum Discussion
neilcarden
Jun 07, 2019Brass Contributor
AutoPilot silent encryption Surface Pro 6 failing
Hi, has anyone had any joy enrolling Surface Pros with Autopilot enabling bitlocker silently?
I have the enrolment profile as the enrolee as a non-admin and bitlocker encryption allowed by non-admins.
I have ‘allow TPM’ and ‘allow TPM and PIN’ (and have tried various different combinations) configured as we want to use a PIN on boot.
When it goes through the enrol it completes and loads Windows, and bitlocker is off. When I try to enable manually it fails due to group policy issue. The Event viewer says ‘cannot silently encrypt due to the lack of keyboard’. I have tried with keyboard disconnected, connected, external keyboard via Surface docker...
Am I missing something obvious? I can’t find any documentation or articles that offer any solutions...
Thanks in advance.
Neil
I have the enrolment profile as the enrolee as a non-admin and bitlocker encryption allowed by non-admins.
I have ‘allow TPM’ and ‘allow TPM and PIN’ (and have tried various different combinations) configured as we want to use a PIN on boot.
When it goes through the enrol it completes and loads Windows, and bitlocker is off. When I try to enable manually it fails due to group policy issue. The Event viewer says ‘cannot silently encrypt due to the lack of keyboard’. I have tried with keyboard disconnected, connected, external keyboard via Surface docker...
Am I missing something obvious? I can’t find any documentation or articles that offer any solutions...
Thanks in advance.
Neil
Hi neilcarden,
Which version of Windows 10 are you using, and if installed from media, which media are you using?
- neilcardenBrass ContributorIt varies... have tried Pro and Enterprise both 1803 and 1809. Also tried a Surface straight out of the box and OS installed from USB media... and lots of resets!!
Hi neilcarden,
Sounds strange - I do not have access to a Surface Pro 6, so I am not able to replicate. However I am aware of an issue with the 1809 RTM media was causing the disk layout to be wrongly configured causing BitLocker to fail encryption as part of the AAD join. The issue is fixed with the most recent Windows 10 1809 ISO (January 2019). Any chance you are reusing the disk layout from a Windows 10 1809 RTM version?
--Jesper