Good morning folks I just wanted to clear something up with respect to BITLocker and Pre-Provision if I may. When it comes to using this option what are the restrictions later on in the Task Sequence with respect to Enable BITLocker? I tried a deployment and all was well until Enable BITLocker when SMSTS.LOG whinged at me saying the no key had been specified. It had been. So, I am guessing that Pre-Provision leads to a TPM only implementation? There is a looooooonnnnnnggggg backstory to the following and I am DEEPLY uneasy about this possible solution but: We have a client who has deployed a whole bunch of Win7 BITLockered systems. Recovery keys are stored in a file share. They will not allow the storage of keys in AD. They have an MBAM project which has been running for 9 months with only an HLD so far. Our project should have had their MBAM as a dependency but does not. So, short story, I am trying to get a TPM & PIN solution which stores BITLocker recovery keys in a file share all automated in a Task Sequence. I am prepared to compromise on a standard PIN and am even able to compromise on a standard recovery key and pass the risk back to the client. </rant>
