![]() It’s not necessary to do so, but it will at least give you some info on whether or not the chip was enabled in the SMSTS.log. If you want it real neat and pretty, you could make an option on the step to not run if the Chip is already active. The TPM chip will now be activated during the next reboot, which off cause means that you must add a reboot before enabling Bitlocker. This means that Active is correct but active is NOT. It’s important that the settings you want to change are written exactly as they appear in the ListAll output, as they are case sensitive, or the script will fail. Just place it in your scripts package (or create one), and then in your Task Sequence add a Run Command line STEP Like shown in the PictureĬommand line: Cscript.exe SetConfig.vbs Securit圜hip Active To change the settings we utilize the script SetConfig.vbs. these settings can be changed as well if necessary) ![]() (you will also notice that the computer is running in AHCI mode, and that Virtualization is disabled along with a lot of other stuff. In the picture below (from a LENOVO W520), you can se that the Security chip is Inactive, and needs to be activated for Bitlocker to work. Just open an elevated command prompt and run the ListAll.vbs, and remember use cscript.exe when you execute the script, or you will get like 50 message boxes… The ListAll script, will list the status of all WMI configurable settings in the BIOS. Once you have the scripts, the once you need are ListAll.vbs and SetConfig.vbs. ![]() pdf guides ( Get the scripts HERE).īe aware that only he following ThinkPad systems are supported: LENOVO has been kind enough to supply the scripts needed to do this, along with some. This is actually real simple on a LENOVO laptop, as this can all be done using WMI. The first thing I wanted to do was to check if the TPM chis was already Active, and if not, Activate it. I just finished messing around with activating the TPM Chip in the BIOS From a Task sequence on those LENOVO computers, and once all the minor obstacles were figured out, it turned out to be quiet easy. On a lot of these computers the security Chip has been disabled or is in Inactive mode, thus not allowing the use of Bitlocker. I have some customers who run strictly Lenovo Computers (laptops and Desktops).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |