Event banner

Windows Office Hours: November 21, 2024

Event Ended

Thursday, Nov 21, 2024, 08:00 AM PST

Online

Event details

Special Microsoft Ignite edition of Windows Office Hours! Get answers to your questions about adopting Windows 11 and managing the Windows devices used by remote, onsite, and hybrid workers acro...

Heather_Poulsen

Updated Nov 21, 2024

Office Hours

EMarrero1720

Occasional Reader

Nov 21, 2024

I am moving from Trellix Disk Encryption to Bitlocker. I decrypted the machine from Trellix and then encrypted with Bitlocker. The Drive gets encrypted, however after a restart the machine is always asked for the Bitlocker key. I did notice in the System Information with Secure Boot enabled, PCR7 binding is not possible and PCR7 is not supported. I updated, TPM version, BIOS version and all drivers. Also ensured Modern Standby is enabled and secureboot too. Any ideas on how to resolve this issue? I see this on all machine in the environment.

Jason_Sandys
Microsoft
Nov 21, 2024
The best resource to start with is Windows Server shows PCR7 configuration as "Binding not possible" - Windows Server | Microsoft Learn. If this does not help, I suggest opening a support case.
- EMarrero1720
  Occasional Reader
  Nov 21, 2024
  Thank you. One more question. For Bitlocker is SecureBoot a requirement?
  - EricMoe
    Microsoft
    Nov 21, 2024
    BitLocker system requirements are here, BitLocker overview | Microsoft Learn, it does not list SecureBoot as a requirement, but SecureBoot is a strongly recommended configuration (Secure boot | Microsoft Learn)

Date and Time

Nov 21, 20248:00 AM - 9:00 AM PST