Over the years, we have manually configured the TPM before imaging a system as part of our build process. Dell has since given the ability to automate the entire process after giving the option to automate clearing the TPM. That was always been the big stopper in full automation.
I wrote a series of scripts that I put into the build process that do all of the necessary steps in readying the TPM for bitlocker as shown below. The Smart Reporting, and Wake-On-LAN are additional features I added that do not pertain to the TPM and Bitlocker. The Conditional Reboot is another PowerShell script I wrote that checks if the system is waiting for a reboot and reboots the system if necessary. If interested, this is in another blog of mine.
Here are the files to download. The names correspond with the list shown above so you know what sequence to put them in. I clear the BIOS password at the start and then reset it near the end as setting the PPI TPM Clear requires a BIOS password to be in place to check off that box via a script. These scripts were successfully tested on Dell Optiplex 7070 and Latitude 7420. There was nothing manual that had to be done to ready the TPM for bitocker.
0 comments:
Post a Comment