Dear All,
Currently we have laptop clients with bitlocker enabled on all partitions and deployment goes, still by SCCM 2007, with PXE-boot. Clients are added to a collection and by using F12 the will be deployed. Laptop clients currently have 3 partitions, 1xBDE, 1,OS (C: ) and 1x D: (data). We would like to have 2 scenarios, new systems & refresh. A boot menu (HTA) we already have in place to set a variable refresh (True/False) which we would like to use in our Task Sequence. The refresh is only intend to refresh the OS (C: ) partition with Windows version. Bitlocker recovery keys are stored in Active Directory. User data capture/restore isn't needed because its stored on the network or on the D: drive. With another customer which is used McAfee Encryption we simply used to media hook (within bootimag) to check if the drive was encrypted or not and deleted the OS partition, recreate it and apply OS by using the task sequence. After the deployment McAfee automatically decrypts D: and encrypted it again. Working nicely.. Keep partition D: and refresh everything else? Already found this blog http://windowsmasher.wordpress.com/2012/04/08/sccm-task-sequence-disable-bit locker-in-winpe/ think it could be a option to try. Is there any way to achieve this with bitlocker as well? Thank you in advance! Within kind regards, David
