Page 3 of 3 FirstFirst 123
  1.    10 Mar 2017 #21
    Join Date : Feb 2017
    Posts : 10
    Windows 10 Pro
    Thread Starter

    To answer the two additional questions - I'm not on the Insider track and I'm running Windows 10 Pro Anniversary Update x64.

    Regarding the password - I'm quoting TechNet here: "Starting with Windows 10, version 1607, Windows will not retain the TPM owner password when provisioning the TPM. The password will be set to a random high entropy value and then discarded." So there's literally no password for me to save. I don't even get a prompt or an option to save it. In the screenshoot I've posted I just disabled this behavior using regedit to see if it fixes anything, but it doesn't, regardless of where I save the password file.
      My ComputerSystem Spec
  2.    10 Mar 2017 #22
    Join Date : Jun 2014
    USA
    Posts : 1,571
    Windows 10 Pro x64

    I don't know what's going on, I just know mine works. I'm running Windows 10 x64, version 1607, build 14393.693. I use a MS account to login to my PC. I've done no reg hacks, just plugged the TPM module into my MB, rebooted Windows a couple of times, and started BitLocker. All good.

    Anyway good luck on solving your issue. Let us know if you do, and what you did to get it to work.

    Peace
      My ComputersSystem Spec
  3.    22 Mar 2017 #23
    Join Date : Mar 2017
    Posts : 3
    Windows 10 Enterprise

    Same problem here, with a Gigabyte z97x-ud5h-bk Ver 1.1 mobo. Their latest public BIOS (F8) won't even enable the TPM 2.0 chip. Technical Support gave me a BIOS version F9b that does enable the chip, but gets stuck when it's supposed to present the security prompt after I initiate a TPM clearing from the OS.

    So far I have researched that "reduced functionality" will be shown if UEFI and Secure Boot are not enabled: https://support.microsoft.com/en-us/...e-with-tpm-2.0

    The TPM 2.0 specs require UEFI for full functionality. In my case, this makes sense since I don't have UEFI enabled.

    Now, I don't know if that is the reason for both the OS being unable to extract the encryption keys when attempting to encrypt a drive and the BIOS halting the booting sequence after triggering a TPM clearing from the OS.
      My ComputerSystem Spec
  4.    26 Mar 2017 #24
    Join Date : Feb 2017
    Posts : 10
    Windows 10 Pro
    Thread Starter

    The solution


    Hey everyone. This might be coming right out of the blue, but the issue's been resolved.

    A few days after making a thread here, I've also made one on Tom's Hardware, and yesterday it had received its first reply, which was also a working solution, one that could only be described as "well duh".

    As you may know, in order for the TPM to work, you need to have UEFI and Secure Boot enabled. Additionally, in order for those two to work properly, you also need to have your system drive partitioned as GPT. Quite obvious, and that's why I didn't even think about (not even in the slightest) to go and check whether the drive really is partitioned as GPT. Turns out, it was of course partitioned as MBR, despite the fact that I've had (and still have) Legacy boot disabled when installing Windows, and that I've also specifically told the installer to partition my new drive as GPT (which I CLEARLY remember doing). Heck, even the Disk Management console reported that I was using an UEFI Boot loader, so it seems that the installer has just blatantly disregarded my request to partition the drive as GPT.

    Nevertheless, I've used AOMEI Partition Assistant to convert the drive to GPT, and both the TPM and BitLocker are now working flawlessly.

    Quote Originally Posted by r01k View Post
    Same problem here, with a Gigabyte z97x-ud5h-bk Ver 1.1 mobo. Their latest public BIOS (F8) won't even enable the TPM 2.0 chip. Technical Support gave me a BIOS version F9b that does enable the chip, but gets stuck when it's supposed to present the security prompt after I initiate a TPM clearing from the OS.

    So far I have researched that "reduced functionality" will be shown if UEFI and Secure Boot are not enabled: https://support.microsoft.com/en-us/...e-with-tpm-2.0

    The TPM 2.0 specs require UEFI for full functionality. In my case, this makes sense since I don't have UEFI enabled.

    Now, I don't know if that is the reason for both the OS being unable to extract the encryption keys when attempting to encrypt a drive and the BIOS halting the booting sequence after triggering a TPM clearing from the OS.
    As for you r01k, I really don't think that there's a way to get the TPM to work right without having UEFI enabled, as TPM 2.0 uses such instructions to communicate both with the OS and the BIOS that simply don't work without UEFI enabled, and therefore the OS can't load the encryption keys from the module, nor initiate a proper clearing. :/

    But anyways, thank you all for your help and suggestions.
      My ComputerSystem Spec
  5.    26 Mar 2017 #25
    Join Date : Mar 2017
    Posts : 3
    Windows 10 Enterprise

    Man, thanks a lot!

    I converted the drive from MBR to GPT and enabled UEFI in BIOS (as this is the System drive). After booting, TPM Management showed "The TPM is ready for use" but attempting to encrypt the drive now failed with "Windows cannot find the specified file". Some Googling pointed to renaming the file "C:\Windows\System32\Recovery\ReAgent.xml", which did work.
      My ComputerSystem Spec
  6.    02 Apr 2017 #26
    Join Date : Jun 2014
    USA
    Posts : 1,571
    Windows 10 Pro x64

    BIOS Updates


    Just FYI,

    I just upgraded my BIOS and when I went to boot into Windows I was presented a TPM screen where I was told my BIOS ID didn't match and was required to input my TPM Key. No issue since I had the key on a thumb drive. Just used my laptop to get the info I needed. Had I not had this key I would have been locked out. Bottom line is make sure you have your TPM key available should you upgrade your BIOS. And if you don't have a key I suggest you get one.

    Peace
      My ComputersSystem Spec
  7.    02 Apr 2017 #27
    Join Date : Mar 2017
    Posts : 3
    Windows 10 Enterprise

    Good info.

    I have a copy of my keys on the cloud and another inside a locked fire-proof box.

    Did you set your TPM to use SHA256?
      My ComputerSystem Spec
  8.    03 Apr 2017 #28
    Join Date : Jun 2014
    USA
    Posts : 1,571
    Windows 10 Pro x64

    Yeah.
      My ComputersSystem Spec

 
Page 3 of 3 FirstFirst 123


Similar Threads
Thread Forum
Unable to unlock USB drives encrypted/locked with Bitlocker To Go
Hey All, Recently my company provided me with a Windows 10 SOE image as part of a UAT. The image includes Symantec Endpoint Encryption which utilizes Bitlocker for encryption. I went through all of the motions with the C:\ drive to be...
AntiVirus, Firewalls and System Security
Performance & Maintenance Specify Hiberfile Type as Full or Reduced in Windows 10
How to Specify Hiberfile Type as Full or Reduced in Windows 10 Hibernation files are used for hybrid sleep, fast startup, and standard hibernation (described earlier). There are two types, differentiated by size, a full and reduced size...
Tutorials
BitLocker functionality (currently having some issues)
I recently decided to encrypt all my data, on every machine, which covers two desktop PC's and a laptop, all running Windows 10 Pro x64. I've now started the work with BitLocker by encrypting a few external drives plus a few secondary store drives...
AntiVirus, Firewalls and System Security
Reduced WiFi speeds after w10 upgrade from w7
Hello! I have a PC with a Belkin Wireless N600 wifi Dongle that I use with a belkin router. I've had this setup for years and have never had trouble until upgrading to Windows 10. Now I'm getting intermittent speeds on my PC only....my chromebook...
Network and Sharing
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 05:44.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums