• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Are you having HotKey issues? Click here for tips and tricks.
Check out our WINDOWS 11 Support Center info about: OPTIMIZATION, KNOWN ISSUES, FAQs, VIDEOS AND MORE.
Locked

‎05-12-2017 04:13 AM - edited ‎05-12-2017 04:14 AM

HP Recommended
Product: HP EliteBook x360 1030 G2
Operating System: Microsoft Windows 10 (64-bit)

I am trying to enable BITLocker with PIN on a HP Elitebook x360 via MDT I have this working on Dell latitude laptops and all AD settings have been configured, I can manually enable BITLocker on the Elitebook but need it to recognise the the MDT activation with PIN enabled.

 

I suspect this is a BIOS setting issue. Using UEFI with TPM enabled.

 

BIOS settings dump below

 

BIOSConfig 1.0
;
; Originally created by BIOS Configuration Utility
; Version: 4.0.21.1
; Date="2017/05/12" Time="08:51:15" UTC="1"
;
; Found 165 settings
;
Product Name
HP EliteBook x360 1030 G2
Processor 1 Type
Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Processor 1 Speed
2400 MHz
Processor 1 Cache Size (L1/L2/L3)
128 KB / 512 KB / 3 MB
Processor 1 MicroCode Revision
48
Processor 1 Stepping
9
Processor 1 Bottom-On Board
4 GB Samsung
Serial Number

SKU Number

Universally Unique Identifier (UUID)

Memory Size
8192 MB
System Board CT Number
PGHWE00WB6900D
Primary Battery Serial Number
03402 2017/01/24
Product Family
103C_5336AN G=N L=BUS B=HP S=ELI
MS Digital Marker
4373232
System BIOS Version
P80 Ver. 01.06 03/29/2017
BIOS Build Version
0000
ME Firmware Version
11.6.12.1201
Video BIOS Version
Intel(R) GOP Driver [9.0.1056]
Reference Code Revision
1.3.0
Embedded Controller Firmware Version
44.57
Born On Date
05/10/2017
System Board ID
827D
Asset Tracking Number
5CG7113B7R
Ownership Tag

Feature Byte
3X476J6S6b7H7M7R7WaBaEapaqauawbVbhdQdUdpdqgd.FQ
Build ID
16WWOLAT601#SABU#DABU
Lock BIOS Version
*Disable
Enable
BIOS Rollback Policy
*Unrestricted Rollback to older BIOS
Restricted Rollback to older BIOS
Minimum BIOS Version
00.00
Manufacturing Programming Mode
Unlock
*Lock
Password Minimum Length
8
At least one symbol is required in Administrator and User passwords
*No
Yes
At least one number is required in Administrator and User passwords
*No
Yes
At least one upper case character is required in Administrator and User passwords
*No
Yes
At least one lower case character is required in Administrator and User passwords
*No
Yes
Are spaces allowed in Administrator and User passwords?
*No
Yes
Prompt for Admin password on F9 (Boot Menu)
*Disable
Enable
Prompt for Admin password on F11 (System Recovery)
*Disable
Enable
Prompt for Admin password on F12 (Network Boot)
*Disable
Enable
TPM Specification Version
2.0
TPM Device
Hidden
*Available
TPM State
Disable
*Enable
Clear TPM
*No
On next boot
TPM Activation Policy
F1 to Boot
Allow user to reject
*No prompts
Verify Boot Block on every boot
*Disable
Enable
BIOS Data Recovery Policy
*Automatic
Manual
Dynamic Runtime Scanning of Boot Block
Disable
*Enable
Sure Start BIOS Settings Protection
*Disable
Enable
Enhanced HP Firmware Runtime Intrusion Prevention and Detection
Disable
*Enable
Sure Start Security Event Policy
Log Event Only
*Log Event and notify user
Log Event and power off system
Save/Restore GPT of System Hard Drive
*Disabled
Enabled
Save/Restore MBR of System Hard Drive
*Disable
Enable
Secure Erase Hard Disk Serial Number

Secure Erase Hard Disk Model Number

Secure Erase Completion Date

Secure Erase Completion Status

Allow OPAL Hard Drive SID Authentication
Disable
*Enable
Permanent Disable Absolute Persistence Module Set Once
*No
Yes
Absolute Persistence Module Current State
*Inactive
Active
System Management Command
Disable
*Enable
SureStart Production Mode
Disable
*Enable
Fingerprint Reset on Reboot
*Disable
Enable
Host Based MAC Address
*Disable
System
Custom
HBMA Factory MAC Address
40-B0-34-F0-23-EE
HBMA System MAC Address
40-B0-34-F0-23-EE
HBMA Custom MAC Address
00-00-00-00-00-00
Pre-boot HBMA Support
Disable
*Enable
Windows HBMA Support
Disable
*Enable
Single NIC Operation (Disable All Other NICs when HBMA is active on one NIC)
*Disable
Enable
HBMA Priority List
USB NIC Dongle:HP External Adapter :0BDA_8153
Thunderbolt Dock:HP Elite Dock :14E4_1682:14E4_1682
USB NIC Dongle:HP USB-C Travel Dock :17E9_4352
USB NIC Dongle:HP USB Travel Dock :17E9_4351
USB NIC Dongle:HP 3005pr :17E9_430A
USB NIC Dongle:HP Universal pr :17E9_4327
Select Language
*English
Deutsch
Espanol
Italiano
Francais
Japanese
Portugues
Dansk
Svenska
Nederlands
Norsk
Suomi
Simplified Chinese
Traditional Chinese
Select Keyboard Layout
*English
Deutsch
Espanol
Italiano
Francais
Japanese
Portugues
Dansk
Svenska
Nederlands
Norsk
Suomi
Simplified Chinese
Traditional Chinese
Sunday
*Disable
Enable
Monday
*Disable
Enable
Tuesday
*Disable
Enable
Wednesday
*Disable
Enable
Thursday
*Disable
Enable
Friday
*Disable
Enable
Saturday
*Disable
Enable
BIOS Power-On Hour
0
BIOS Power-On Minute
0
Power On When AC Detected
*Disable
Enable
Power On When Lid is Opened
*Disable
Enable
Startup Delay (sec.)
*0
5
10
15
20
25
30
35
40
45
50
55
60
Fast Boot
*Disable
Enable
Audio Alerts During Boot
Disable
*Enable
NumLock on at boot
*Disable
Enable
CD-ROM Boot
*Disable
Enable
Prompt on Memory Size Change
Disable
*Enable
USB Storage Boot
Disable
*Enable
Network (PXE) Boot
Disable
*Enable
Prompt on Fixed Storage Change
*Disable
Enable
Prompt on Battery Errors
*Disable
Enable
Legacy Boot Options
*Disable
Enable
Legacy Boot Order
<no legacy boot options available>
UEFI Boot Options
Disable
*Enable
UEFI Boot Order
HDD:M.2:1
HDD:USB:1
HDD:USB:1
NETWORK IPV6:EXPANSION:1
NETWORK IPV4:EXPANSION:1(Disabled)
Smart Card Reader Power Setting (if present)
Always powered on
*Powered on if card is present
Power Control
*Disable
Enable
Swap Fn and Ctrl (Keys)
*Disable
Enable
Fast Charge
Disable
*Enable
Fan Always on while on AC Power
Disable
*Enable
Wake on WLAN
Disable
*Enable
Boost Converter
Disable
*Enable
Backlit keyboard timeout
5 secs.
*15 secs.
30 secs.
1 min..
5 mins.
Never.
Bluetooth
Disable
*Enable
Wireless Network Device (WLAN)
Disable
*Enable
LAN / WLAN Auto Switching
*Disable
Enable
Configure Legacy Support and Secure Boot
Legacy Support Enable and Secure Boot Disable
*Legacy Support Disable and Secure Boot Enable
Legacy Support Disable and Secure Boot Disable
Import Custom Secure Boot keys
*Do Nothing
On next boot
Clear Secure Boot keys
*Disable
Enable
Reset Secure Boot keys to factory defaults
*Disable
Enable
Enable MS UEFI CA key
No
*Yes
Ready to disable MS UEFI CA Key
Not Ready
*Ready
Custom Keys Image Verification State
*No Custom Keys
Fail
Success
Ready BIOS for Device Guard Use
*Do Nothing
Configure on Next Boot
Clear Configuration on Next Boot
USB Type-C Controller(s) Firmware Version:
TIPD Primary 1-Port Controller : 1.11.5
Enable Turbo Boost on DC
*Disable
Enable
Dynamic Platform and Thermal Framework (DPTF)
Disable
*Enable
Audio Device
Disable
*Enable
Integrated Microphone
Disable
*Enable
Internal Speakers
Disable
*Enable
Runtime Power Management
Disable
*Enable
Extended Idle Power States
Disable
*Enable
Headphone Output
Disable
*Enable
Wake unit from sleep when lid is opened
*Disable
Enable
Wake on USB
Disable
*Enable
PCI Express Power Management
Disable
*Enable
Integrated Camera
Disable
*Enable
Fingerprint Device
Disable
*Enable
Touch Device
Disable
*Enable
Video Memory Size
*32 MB
64 MB
128 MB
256 MB
512 MB
Media Card Reader
Disable
*Enable
USB Ports
Disable
*Enable
USB Legacy Port Charging
Disable
*Enable
Disable Charging Port in sleep/off if battery below (%):
10
Smart Card
Disabled
*Enabled
Thunderbolt Security Level
*PCIe and DisplayPort - No Security
PCIe and DisplayPort - User Authorization
PCIe and DisplayPort - Secure Connect
DisplayPort only
Configure Option ROM Launch Policy
All Legacy
*All UEFI
All UEFI Except Video
Turbo-boost
Disable
*Enable
Hyperthreading
Disable
*Enable
Multi-processor
Disable
*Enable
Virtualization Technology (VTx)
Disable
*Enable
Virtualization Technology for Directed I/O (VTd)
Disable
*Enable
Deep Sleep
Off
*On
Update Source
*HP
Custom
Automatically Check for Updates
Daily
Weekly
*Monthly
Automatic BIOS Update Setting
*Disable
Let user decide whether to install updates
Install all updates automatically
Install only important updates automatically
Update Address

Force Check on Reboot
*Disable
Enable
Update BIOS via Network
Disable
*Enable
Use Proxy
*Disable
Enable
Proxy Address

DNS Configuration
*Automatic
Manual
DNS Addresses

Data transfer timeout
100
IPv4 Address

IPv4 Configuration
*Automatic
Manual
IPv4 Gateway

IPv4 Subnet Mask

Force HTTP no-cache
*Disable
Enable
Save Custom Defaults
*Do not Save
Save
Apply Custom Defaults and Exit
*No
Yes
Apply Factory Defaults and Exit
*No
Yes

 

1 REPLY 1

‎01-25-2018 08:03 AM

HP Recommended

Try this:

 

BIOSConfig 1.0
Lock BIOS Version
 *Disable
 Enable
BIOS Rollback Policy
 *Unrestricted Rollback to older BIOS
 Restricted Rollback to older BIOS
Minimum BIOS Version
 00.00
Manufacturing Programming Mode
 Unlock
 *Lock
Prompt for Admin password on F9 (Boot Menu)
 *Disable
 Enable
Prompt for Admin password on F11 (System Recovery)
 *Disable
 Enable
Prompt for Admin password on F12 (Network Boot)
 *Disable
 Enable
TPM Specification Version
 2.0
TPM Device
 Hidden
 *Available
TPM State
 Disable
 *Enable
Clear TPM
 *No
 On next boot
TPM Activation Policy
 F1 to Boot
 Allow user to reject
 *No prompts
Verify Boot Block on every boot
 *Disable
 Enable
BIOS Data Recovery Policy
 *Automatic
 Manual
Dynamic Runtime Scanning of Boot Block
 Disable
 *Enable
Sure Start BIOS Settings Protection
 *Disable
 Enable
Enhanced HP Firmware Runtime Intrusion Prevention and Detection
 Disable
 *Enable
Sure Start Security Event Policy
 *Log Event Only
 Log Event and notify user
 Log Event and power off system
Save/Restore GPT of System Hard Drive
 *Disabled
 Enabled
Save/Restore MBR of System Hard Drive
 *Disable
 Enable
Allow OPAL Hard Drive SID Authentication
 *Disable
 Enable
Permanent Disable Absolute Persistence Module Set Once
 *No
 Yes
Absolute Persistence Module Current State
 *Inactive
 Active
System Management Command
 Disable
 *Enable
SureStart Production Mode
 Disable
 *Enable
Host Based MAC Address
 Disable
 *System
 Custom
Pre-boot HBMA Support
 Disable
 *Enable
Windows HBMA Support
 Disable
 *Enable
Single NIC Operation (Disable All Other NICs when HBMA is active on one NIC)
 *Disable
 Enable
Reuse Embedded LAN Address
 *Disable
 Enable
HBMA Priority List
 Thunderbolt Dock:HP Elite Dock :14E4_1682:14E4_1682
 USB NIC Dongle:HP External Adapter :0BDA_8153
 USB NIC Dongle:HP USB-C Travel Dock :17E9_4352
 USB NIC Dongle:HP USB Travel Dock :17E9_4351
 USB NIC Dongle:HP 3005pr :17E9_430A
 USB NIC Dongle:HP Universal pr :17E9_4327
Select Language
 *English
 Deutsch
 Espanol
 Italiano
 Francais
 Japanese
 Portugues
 Dansk
 Svenska
 Nederlands
 Norsk
 Suomi
 Simplified Chinese
 Traditional Chinese
Select Keyboard Layout
 *English
 Deutsch
 Espanol
 Italiano
 Francais
 Japanese
 Portugues
 Dansk
 Svenska
 Nederlands
 Norsk
 Suomi
 Simplified Chinese
 Traditional Chinese
Sunday
 *Disable
 Enable
Monday
 *Disable
 Enable
Tuesday
 *Disable
 Enable
Wednesday
 *Disable
 Enable
Thursday
 *Disable
 Enable
Friday
 *Disable
 Enable
Saturday
 *Disable
 Enable
BIOS Power-On Hour
 0
BIOS Power-On Minute
 0
Power On When AC Detected
 *Disable
 Enable
Power On When Lid is Opened
 *Disable
 Enable
Startup Delay (sec.)
 *0
 5
 10
 15
 20
 25
 30
 35
 40
 45
 50
 55
 60
Fast Boot
 Disable
 *Enable
Audio Alerts During Boot
 *Disable
 Enable
NumLock on at boot
 *Disable
 Enable
Prompt on Memory Size Change
 *Disable
 Enable
USB Storage Boot
 Disable
 *Enable
Network (PXE) Boot
 Disable
 *Enable
Prompt on Fixed Storage Change
 *Disable
 Enable
Prompt on Battery Errors
 Disable
 *Enable
Legacy Boot Options
 Disable
 *Enable
Legacy Boot Order
 <no legacy boot options available>
UEFI Boot Options
 Disable
 *Enable
UEFI Boot Order
 HDD:M.2:1
 HDD:USB:1
HP_Disk0MapForUefiBootOrder
 PciRoot(0x0)/Pci(0x1D,0x0)/Pci(0x0,0x0)/NVMe(0x1,CA-82-BC-71-B8-38-25-00)
 PciRoot(0x0)/Pci(0x14,0x0)
HP_Disk0MapForLegacyBootOrder
 BBS(HD,SAMSUNG MZVLW512HMJP-000H1-S36ENX0J840774,0x400)/PciRoot(0x0)/Pci(0x1D,0x0)/Pci(0x0,0x0)/NVMe(0x1,CA-82-BC-71-B8-38-25-00)
 BBS(0xFFFF,,0x0)/PciRoot(0x0)/Pci(0x14,0x0)
 BBS(Network,Intel Corporation: Realtek PXE B39 D00,0x0)/PciRoot(0x0)/Pci(0x1C,0x0)/Pci(0x0,0x0)/Pci(0x2,0x0)/Pci(0x0,0x0)/IPv4(0.0.0.0,0x0,DHCP,0.0.0.0,0.0.0.0,0.0.0.0)
Smart Card Reader Power Setting (if present)
 *Always powered on
 Powered on if card is present
Power Control
 *Disable
 Enable
Swap Fn and Ctrl (Keys)
 *Disable
 Enable
Fan Always on while on AC Power
 *Disable
 Enable
Wake on WLAN
 *Disable
 Enable
Boost Converter
 Disable
 *Enable
Backlit keyboard timeout
 5 secs.
 *15 secs.
 30 secs.
 1 min..
 5 mins.
 Never.
Bluetooth
 *Disable
 Enable
Wireless Network Device (WLAN)
 Disable
 *Enable
LAN / WLAN Auto Switching
 *Disable
 Enable
Configure Legacy Support and Secure Boot
 Legacy Support Enable and Secure Boot Disable
 *Legacy Support Disable and Secure Boot Enable
 Legacy Support Disable and Secure Boot Disable
Import Custom Secure Boot keys
 *Do Nothing
 On next boot
Clear Secure Boot keys
 *Disable
 Enable
Reset Secure Boot keys to factory defaults
 *Disable
 Enable
Enable MS UEFI CA key
 No
 *Yes
Ready to disable MS UEFI CA Key
 Not Ready
 *Ready
Custom Keys Image Verification State
 *No Custom Keys
 Fail
 Success
Ready BIOS for Device Guard Use
 *Do Nothing
 Configure on Next Boot
 Clear Configuration on Next Boot
Enable Turbo Boost on DC
 *Disable
 Enable
Dynamic Platform and Thermal Framework (DPTF)
 Disable
 *Enable
Audio Device
 Disable
 *Enable
Integrated Microphone
 *Disable
 Enable
Internal Speakers
 Disable
 *Enable
Runtime Power Management
 Disable
 *Enable
Extended Idle Power States
 Disable
 *Enable
Headphone Output
 Disable
 *Enable
Wake when Lid is Opened
 *Disable
 Enable
Disable Battery On Next Boot
 *Do not disable
 Next shut down
Wake on USB
 Disable
 *Enable
PCI Express Power Management
 Disable
 *Enable
Integrated Camera
 *Disable
 Enable
Fingerprint Device
 *Disable
 Enable
Touch Device
 Disable
 *Enable
Video Memory Size
 *32 MB
 64 MB
 128 MB
 256 MB
 512 MB
Media Card Reader
 Disable
 *Enable
USB Legacy Port Charging
 Disable
 *Enable
Left USB Ports
 Disable
 *Enable
Right USB Ports
 Disable
 *Enable
Smart Card
 Disabled
 *Enabled
Thunderbolt Type C Ports
 Disable
 *Enable
Thunderbolt Security Level
 *PCIe and DisplayPort - No Security
 PCIe and DisplayPort - User Authorization
 PCIe and DisplayPort - Secure Connect
 DisplayPort and USB
Require BIOS PW to change TBT SL
 *Disable
 Enable
Configure Option ROM Launch Policy
 All Legacy
 *All UEFI
 All UEFI Except Video
Intel Software Guard Extensions (SGX)
 Disable
 Enable
 *Software control
Turbo-boost
 Disable
 *Enable
Hyperthreading
 Disable
 *Enable
Multi-processor
 Disable
 *Enable
Virtualization Technology (VTx)
 Disable
 *Enable
Virtualization Technology for Directed I/O (VTd)
 Disable
 *Enable
Trusted Execution Technology (TXT)
 Disable
 *Enable
Active Management (AMT)
 *Disable
 Enable
USB Key Provisioning Support
 *Disable
 Enable
Unconfigure AMT on next boot
 Do Not Apply
 *Apply
SOL Terminal Emulation Mode
 *ANSI
 VT100
Verbose Boot Messages
 *Disable
 Enable
Watchdog Timer
 *Disable
 Enable
OS Watchdog Timer (min.)
 *5
 10
 15
 20
 25
BIOS Watchdog Timer (min.)
 *5
 10
 15
 20
 25
USB Redirection Support
 Disable
 *Enable
Show Unconfigure ME Confirmation Prompt
 Disable
 *Enable
Wireless Manageability
 Disable
 *Enable
CIRA Timeout (min.)
 *1 min
 2 mins
 3 mins
 4 mins
 Never
Deep Sleep
 Off
 *On
Update Source
 *HP
 Custom
Automatically Check for Updates
 Daily
 Weekly
 *Monthly
Automatic BIOS Update Setting
 *Disable
 Let user decide whether to install updates
 Install all updates automatically
 Install only important updates automatically
Force Check on Reboot
 *Disable
 Enable
Update BIOS via Network
 *Disable
 Enable
Use Proxy
 *Disable
 Enable
DNS Configuration
 *Automatic
 Manual
Data transfer timeout
 100
IPv4 Configuration
 *Automatic
 Manual
Force HTTP no-cache
 *Disable
 Enable

Was this reply helpful? Yes No
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.