08-23-2017 07:43 AM
We have begun deploying T470 laptops. Everything has been set up exactly the same as the T460 model we used previously. With the T470, after imaging with SCCM, the sytem asks for a BitLocker recovery key after each reboot. We have tried suspending BitLocker (per Windows recommendation), rebooting, and re-enabling, to no avail. I then turned off BitLocker, and after decryption, tried to turn it back on, at initial reboot (before encrypting) still prompts for BitLocker Recovery Key, then when I get to Windows, it tells me there is a hardware/firmware issue.
Would Windows 7 64-bit, which does enable TPM 2.0, work in this case?
T470 20JM000CUS - Skylake processor
Windows 7 32-bit
Successfully captured image with SCCM 2016
UEFI - tried both factory version (1.30) and latest (1.32)
Security Chip settings - TPM 1.2 Active Disabled Enabled
Secure Boot disabled
UEFI/Legacy Boot - both Legacy First
Thanks for any suggestions!
Solved! Go to Solution.
08-23-2017 08:08 AM
08-23-2017 08:12 AM
08-23-2017 08:25 AM
08-23-2017 08:42 AM
08-23-2017 10:43 AM - edited 08-23-2017 10:43 AM
Also, if deploying W7 32bit, be sure to change the Thunderbolt Security Level to "Displayport and USB" under BIOS settings > Config > Thunderbolt 3.
Or there will be pain...
I'm not sure if PCIe drives are supported by W7 32bit or not...that may have been changed with the more recent BIOS. In any event, it appears your MTM uses a traditional SATA spinning drive, so this should not be an issue. But if you go Solid state, and continue to want to deploy W7 32bit, you should probably only use a SATA SSD, NOT a PCIe NVMe drive.