• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Are you having HotKey issues? Click here for tips and tricks.
Check out our WINDOWS 11 Support Center info about: OPTIMIZATION, KNOWN ISSUES, FAQs, VIDEOS AND MORE.
Locked

‎03-19-2020 07:57 AM - edited ‎03-19-2020 07:58 AM

HP Recommended
Product: HP Elitedesk 800 G1

Hi all,

 

I'm currently preparing the rollout of Windows 10 1909 for our clients and ran into an issue with the HP EliteBook G1 desktop. When I load the initial W10 1909 build from October 2019, Bitlocker can encrypt the disk and everything works fine. After applying the November 2019 upgrade (or newer, doesn't matter) Bitlocker is unable to resume protection. When I try to resume Bitlocker, I get "An internal error has occurred within the Trusted Platform Module support program".

I've applied the latest BIOS and also the latest available TPM Firmware (TPM 1.2). I also cleared the TPM.

TPM Settings in the BIOS are as follows:

Tpm PPI policy changed by OS allowed
  Disable
  *Enable
Tpm measure boot variables/devices to PCR1
  *Disable
  Enable
Tpm No PPI provisioning
  Disable
  *Enable
Tpm No PPI maintenance
  *Disable
  Enable

Any hint what I'm doing wrong?

1 ACCEPTED SOLUTION

Accepted Solutions

‎03-24-2020 04:16 AM - last edited on ‎03-24-2020 08:25 AM by Retired

HP Recommended

Ok, found the cause of the issue. Reading [edit]guided me to the solution. Looks like this behavior is a side effect when System Guard Secure Launch is set in the domain via Policy. I have now disable Secure Launch and restaged the device and... voilà, Bitlocker is working again with 1909 and latest cumulative updates. 

View solution in original post

Was this reply helpful? Yes No
1 REPLY 1

‎03-24-2020 04:16 AM - last edited on ‎03-24-2020 08:25 AM by Retired

HP Recommended

Ok, found the cause of the issue. Reading [edit]guided me to the solution. Looks like this behavior is a side effect when System Guard Secure Launch is set in the domain via Policy. I have now disable Secure Launch and restaged the device and... voilà, Bitlocker is working again with 1909 and latest cumulative updates. 

Was this reply helpful? Yes No
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.