UDI Designer and TS and bitlocker issue with SCCM

PerserPolis-1732 1,516 Reputation points
2023-10-09T13:41:44.1766667+00:00

Hi,

My UDI Designer does not work with BitLocker and does not store the key in AD, and if I select "Enable BitLocker" ---> "Enable BitLocker using TPM and PIN", all the applications I added to install are not installed.

bitlocker1

My Bitlocker Mode

bitlocker_Mode



bitlocker_Recovery

I have checked the "ZTIBDE.log" but there is no error message.

Here is my AD; it is empty:

bitlocker_AD

And I have added the UILanguage in the customsettings.ini:

[Settings]
Priority=Default
Properties=MyCustomProperty

[Default]
OSInstall=Y
SkipCapture=YES
SkipAdminPassword=NO
SkipProductKey=YES
UILanguage=en-US
KeyboardLocale=0407:00000407

Any idea?

Regards


2 answers

  1. AllenLiu-MSFT 42,356 Reputation points Microsoft Vendor
    2023-10-10T06:34:48.12+00:00

    Hi,

    Thank you for posting in Microsoft Q&A forum.

    One possible solution is to check if the hardware or software prerequisites for BitLocker are in place. Examining the BitLocker-API log can help identify which prerequisite is not satisfied. The most common issues are TPM not being present, WinRE not being enabled, and UEFI BIOS not being enabled for TPM 2.0 devices. Policy misconfiguration can also cause encryption failures.

    Another possible solution is to override the default setting on the Specify the BitLocker recovery details page in the Windows Deployment Wizard. The Windows Deployment Wizard summary page displays a warning to inform the user which drive letter was selected to store BitLocker recovery information. In addition, the BDD.log and ZTIBDE.log files record the removable media devices detected and which device was selected to store the BitLocker recovery information.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Add comment".

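The prerequisite checks named in the answer above (TPM, WinRE, UEFI, policy, BitLocker-API log) can be collected in one read-only report. This is an added example, not code from either poster or from MDT/Configuration Manager; the function name `Get-BitLockerReadiness` is hypothetical, and it assumes an elevated PowerShell session on the deployed client with English `reagentc` output.

```powershell
#Requires -RunAsAdministrator
# Added example (hypothetical helper): read-only BitLocker prerequisite report.
function Get-BitLockerReadiness {
    param([string]$MountPoint = $env:SystemDrive)

    # TPM presence and readiness
    $tpm = Get-Tpm

    # Firmware mode reported by Windows (Uefi or Bios)
    $firmware = (Get-ComputerInfo -Property BiosFirmwareType).BiosFirmwareType

    # WinRE status; the pattern assumes English reagentc output
    $winRe = [bool](reagentc.exe /info |
        Select-String -Pattern 'Windows RE status:\s+Enabled' -Quiet)

    # Group Policy values that control AD DS backup of OS-drive recovery info
    $fve = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' `
        -ErrorAction SilentlyContinue

    # Key protectors on the volume; AD DS stores the RecoveryPassword protector
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    $recovery = @($vol.KeyProtector |
        Where-Object KeyProtectorType -eq 'RecoveryPassword')

    # Recent critical, error and warning events from the BitLocker-API log
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-BitLocker/BitLocker Management'
        Level   = 1, 2, 3
    } -MaxEvents 20 -ErrorAction SilentlyContinue

    [pscustomobject]@{
        TpmPresent             = $tpm.TpmPresent
        TpmReady               = $tpm.TpmReady
        FirmwareType           = $firmware
        WinReEnabled           = $winRe
        VolumeStatus           = $vol.VolumeStatus
        ProtectionStatus       = $vol.ProtectionStatus
        ProtectorTypes         = $vol.KeyProtector.KeyProtectorType -join ', '
        RecoveryPasswordCount  = $recovery.Count
        PolicyAdBackupEnabled  = $fve.OSActiveDirectoryBackup
        PolicyAdBackupRequired = $fve.OSRequireActiveDirectoryBackup
        RecentLogEvents        = $events | Select-Object TimeCreated, Id, Message
    }
}

Get-BitLockerReadiness | Format-List
```

A `RecoveryPasswordCount` of 0 means the volume has no recovery password protector for AD DS to hold, and empty policy values mean no Group Policy setting for AD DS backup of OS drives has reached the client.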

  2. PerserPolis-1732 1,516 Reputation points
    2023-10-10T07:33:55.4333333+00:00

    Sorry, either I don't understand what you mean or you did not read my message carefully. BitLocker does work and I can enter my PIN after rebooting. But the key is not recovered in AD.

    bitlocker_log

    Another possible solution is to override the default setting on the Specify the BitLocker recovery details page in the Windows Deployment Wizard. The Windows Deployment Wizard summary page displays a warning to inform the user which drive letter was selected to store BitLocker recovery information

    HOW?? I am using UDI
