Jun 08 2017 09:14 AM
What is the recomended process to ensure both the TPM and Bitlocker keys are backed up. I know AD backup was recently disabled for TPM keys in windows 10. MBAM requires a licensed SQL database, which isn't ideal.
Is there a process to do this as part of the OSD task sequence in SCCM?
Joseph
Jun 08 2017 09:35 AM
Jun 08 2017 09:49 AM
I had a manufacturer issue with the TPM module on a dell latitude E5270, where the TPM module refused to unlock or reset without the TPM owner password. It locked because of "too many failed password attempts". It took over a week for the lock to timeout, in the mean time we had to disable bitlocker on the unit.
We support a lot of remote users, and reseting the tpm owner (which requires interaction on boot) isn't ideal. Having the TPM key has been usefull.
As a side question: I'm curious how automatically taking ownership of a tpm would effect dual booting.
Jun 08 2017 09:54 AM