Ahh, I knew I had run into something similar before. I just found an old thread of mine on the technet forums, where I had a similar issue with Win7 and UEFI. From what I wrote at the time, the issue seemed to be that with UEFI enabled, if bitlocker was initially enabled, using a numeric pin, BEFORE the 'allow enhanced pins' setting gets applied, then the Allow Enhanced Pins setting doesn't take effect unless the drive is fully decrypted and re-encrypted.
https://social.technet.microsoft.com/Forums/en-US/8c685992-bcae-405a-90e6-202e5a765338/windows-7-enterprise-x64-installed-in-uefi-mode-bitlocker-wont-accept-enhanced-pin?forum=w7itprosecurity I'll give that a try and see if that is in fact the same issue I'm running into now. On Sat, Mar 26, 2016 at 9:37 AM, Jason Sandys <[email protected]> wrote: > There’s no difference: Bitlocker is Bitlocker is Bitlocker. MBAM doesn’t > in any way change this. All MBAM is is a management agent and management > server to help manage Bitlocker. > > > > J > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Steve Whitcher > *Sent:* Friday, March 25, 2016 11:33 PM > *To:* [email protected]; [email protected] > *Subject:* Re: [mssms] Windows 10 not allowing Bitlocker Enhanced Pin > > > > Thanks for the reply. Native bitlocker, we don't have mbam. > > I even checked the HKLM\software\policies\microsoft\fve registry key and > confirmed that UseEnhancedPin is set to 1, to be sure that the policy was > actually being applied to the computer. > > > Steve > > On Fri, Mar 25, 2016 at 3:09 PM <[email protected]> wrote: > > Ugh, yes Windows 10 supports bitlocker……. > > > > > > Steve, are you running native bitlocker, or using the MBAM agent? > > > > > > > > *From: *[email protected] > *Sent: *Wednesday, March 23, 2016 3:00 PM > *To: *[email protected] > *Subject: *RE: [mssms] Windows 10 not allowing Bitlocker Enhanced Pin > > > > I hear that bitlocker doesn’t support Windows 10 yet. ????? > > > > Darrin Green > > EVERHELP DESKTOP SUPPORT > > 908-604-3128 > > [email protected] > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Steve Whitcher > *Sent:* Wednesday, March 23, 2016 2:55 PM > *To:* [email protected] > *Subject:* [mssms] Windows 10 not allowing Bitlocker Enhanced Pin > > > > I'm having trouble setting a bitlocker pin after imaging computers with > Win 10 enterprise. We have a the "Allow Bitlocker Enhanced PIN" GPO set, > and these same computers respect that policy when running Windows 7, > allowing alphanumeric PINs for bitlocker. For some reason, when I re-image > the same computer with Win10, then try to change the pin to something > alphanumeric, it won't accept it. I get an error that the pin can only > contain numbers 0-9. > > > > What would cause Win 10 to not allow the use of Enhanced PINs while > windows 7 does? > > > > > ------------------------------ > > > This e-mail is intended only for the person or entity to whom it is > addressed and may contain information that is privileged, confidential, or > otherwise protected from disclosure. If you are not the intended recipient, > or an employee or agent responsible for delivering this message to the > intended recipient, you are notified that any disclosure, copying, > distribution, or the taking of any action in reliance on the contents of > this message is prohibited. If you have received this e-mail in error, > please contact the sender immediately and delete the original message and > all copies from your system. Statements and representations made in this > message are not necessarily that of the Company. > > > >
