cancel
Showing results for 
Search instead for 
Did you mean: 
The HP Calculator Community Message Board is moving. While we prepare for the move, we are unable to accept new postings. During the move, you can look for help from other users by visiting https://www.hpmuseum.org/ . Or if you need technical support for your calculator visit: HP Calculators. .
ClarityIT
New member
2 1 0 0
Message 1 of 4
2,846
Flag Post

Bitlocker Network Unlock

HP Recommended
HP Prodesk 400 G3 & G4
Microsoft Windows 10 (64-bit)

Hi,

 

I am trying to setup bitlocker network unlock on me current domain, however I am getting stuck with the follwing issue;

 

"Bootmgr failed to obtain the BitLocker volume master key from the network key protector: failed to send request."

 

Looking at it, the device fails to send the request for a DHCP address; does anyone know why this would happen; there has been several references to a network stack but looking into the BIOS/UEFI there is nothing that relates to a "network stack". I am able to PXE boot the machines though.

 

Any help would be great.

3 REPLIES 3
ThatOtherITGuy
New member
2 2 0 0
Message 2 of 4
Flag Post
HP Recommended

Hi, 

I haven't worked with this model before but are you running boot mode as UEFI Native (Without CSM) ?

If you can successfully PXE boot and your boot mode is set to the above setting, you are successfully getting an IP from DHCP.

Another thing to check would be TPM, from the OS, run "TPM.msc" and the status is "The TPM is ready for use with reducd functionality", you may need to look into clearing the TPM.

I used these two articles and they are very helpful in understanding and implementing Bitlocker Network Unlock:

https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-how-to-...

https://blogs.technet.microsoft.com/dubaisec/2016/04/14/bitlocker-network-unlock/

 

Let me know how it works out for you.

 

Tags (1)
Was this reply helpful? Yes No
ClarityIT
Author
New member
2 1 0 0
Message 3 of 4
Flag Post
HP Recommended

Hi,

 

I have checked the TMP status and it was set to "ready to use"

 

I did think that the PXE was working and that it was able to get a DHCP address;

 

However when I run wireshark to capture the packets on WDS nothing shows up until the machine boots into windows.

 

Hence why I though that something is stopping the connection.

 

I have followed both articles and neither advise how to troubleshoo the client.

 

I take it works on your network, can I ask how yours is setup?

 

Currently my setup is as follows;

 

DC/DHCP

-- CA 

 ---- WDS

 ------- Clients

 

I installed Wireshark on all serves and still only picks up anything after windows boots.

 

I have a firewall between clients and servers but this has IP helpers on and DHCP is configured to look at WDS for PXE.

 

Completely lost, there is no comprehensive guide.

 

thanks.

Was this reply helpful? Yes No
ThatOtherITGuy
New member
2 2 0 0
Message 4 of 4
Flag Post
HP Recommended

Hi,

 

Sorry to hear that it's still not working, I have it configured as follows:

DC/DHCP

-- CA 

 ---- WDS

 ------- Clients

 

IP Helpers for DHCP servers and WDS server

DHCP options for WDS server

CA signed certificate with private key in the Computer\Bitlocker Drive Encryption Network Unlock store

The certificate without the key is in the GPO that applies the "Bitlocker drive encryption Network Unlock certificate" and enables network unlock at startup.

Client boot mode is set to UEFI native (Not BIOS or Hybrid (With CSM))

 

 

It sounds like your IP Helper is only for the DHCP server and not the WDS server. I tested and without the IP helper, the machine will not send the DHCP packet to the WDS server.

 

Regards

Was this reply helpful? Yes No
Warning Be alert for scammers posting fake support phone numbers and/or email addresses on the community. If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation