I've configured my drives correctly and set the Policy for allowing non-TPM
USB Mode. but every time i try to run the System-check it reports that my
USB Drive cannot be read from the BIOS.

I've tried this on multiple BIOS-Updated Systems and still get the same
result.

I use build 5728\RC1 Ent. Edition

"Or Tsemah" wrote in message
...
I've configured my drives correctly and set the Policy for allowing
non-TPM
USB Mode. but every time i try to run the System-check it reports that my
USB Drive cannot be read from the BIOS.



I cannot even get past the BitLocker check for hard drive space. I have a
1.8GB partition already formatted, yet BitLocker config does not recognize
and wants me to format (another?) partition. If you get it to work, let me
know. I am also using v5728 in a non-TPM computer.


--
Edward Ray
CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE

First make sure you have the USB thumb drive inserted into a USB slot during
the boot. Make sure you don't have any other USB thumb drives or storage
devices plugged in. Try using a different USB port on the computer, and that
you're not using a USB bridge. In the BIOS, look for an option like "USB
legacy emulation", and if that option exists and is turned off, try turning
it on.

This is one of the reasons we added the check, and means that the BIOS does
not have the capability of reading the USB at boot time in the manner that
BitLocker requires. Sometimes the BIOS just has restrictions on where the
USB thumb drive can be plugged in and what other devices can be plugged in
at the same time.

We've found this is more of an issue on older computers and less of an issue
(but still can be an issue) on newer computers.
--
Jamie Hunter [MS]

"Or Tsemah" wrote in message
...
I've configured my drives correctly and set the Policy for allowing
non-TPM
USB Mode. but every time i try to run the System-check it reports that my
USB Drive cannot be read from the BIOS.

I've tried this on multiple BIOS-Updated Systems and still get the same
result.

I use build 5728\RC1 Ent. Edition

What is the exact message you are getting Edward? Thanks!
--
Jamie Hunter [MS]

"Edward Ray" wrote in message
...

I cannot even get past the BitLocker check for hard drive space. I have a
1.8GB partition already formatted, yet BitLocker config does not recognize
and wants me to format (another?) partition. If you get it to work, let
me know. I am also using v5728 in a non-TPM computer.


--
Edward Ray
CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE

"Jamie Hunter [MS]" wrote in message
...
First make sure you have the USB thumb drive inserted into a USB slot
during the boot. Make sure you don't have any other USB thumb drives or
storage devices plugged in. Try using a different USB port on the
computer, and that you're not using a USB bridge. In the BIOS, look for an
option like "USB legacy emulation", and if that option exists and is
turned off, try turning it on.

This is one of the reasons we added the check, and means that the BIOS
does not have the capability of reading the USB at boot time in the manner
that BitLocker requires. Sometimes the BIOS just has restrictions on where
the USB thumb drive can be plugged in and what other devices can be
plugged in at the same time.

We've found this is more of an issue on older computers and less of an
issue (but still can be an issue) on newer computers.
--
Jamie Hunter [MS]


The only other thing I have plugged in to a USB port is my Wireless Mouse.
Computer is a Dell Inspiron 6000 laptop, 2 GHz Pentium M, 2GB RAM that I
bought last summer. The BitLocker Drive Encryption Window says that the
drive configuration is unsuitable for Bitlocker encryption, and that a TPM
was not found. My hard drive is partitioned as follows:

Disk 0 (74.53GB)

55 MB EISA Configuration (no idea what this is), Simple Basic
1.8GB, BitLocker (F Simple, Basic, NTFS, Primary Partition
72.65GB, ERAYLAP2(C, System, Boot, PAgefile, Active Crash, Simple, Basic,
NTFS

Disk 1 (64MB)

BitLocker_ERAYLAP2 (E, USB Stick, Simple, Basic, NTFS, 64MB


--
Edward Ray
CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE

Thanks for the detailed info.

Referencing your partitions:

1.8GB, BitLocker (F Simple, Basic, NTFS, Primary Partition
72.65GB, ERAYLAP2(C, System, Boot, PAgefile, Active Crash, Simple, Basic,
NTFS

The problem is that although you've nicely configured F: with the right size
and as a primary partition, the C: drive is still the Active partition (the
partition with boot files on it). BitLocker cannot encrypt the partition
that has the boot files on it, which is why you are getting the error you
are receiving.

We are working on a tool that can be run to fix up this scenario, as getting
the boot files over to the F: partition is non-trivial.

Follow the step-by-step here to get this system configured correctly:
http://www.microsoft.com/technet/win...1.mspx#BKMK_S1

(Scenario 1 to format the partitions, and Scenario 3 to turn on the non-TPM
mode)
--
Jamie Hunter [MS]

"Edward Ray" wrote in message
news

"Jamie Hunter [MS]" wrote in message
...
First make sure you have the USB thumb drive inserted into a USB slot
during the boot. Make sure you don't have any other USB thumb drives or
storage devices plugged in. Try using a different USB port on the
computer, and that you're not using a USB bridge. In the BIOS, look for
an option like "USB legacy emulation", and if that option exists and is
turned off, try turning it on.

This is one of the reasons we added the check, and means that the BIOS
does not have the capability of reading the USB at boot time in the
manner that BitLocker requires. Sometimes the BIOS just has restrictions
on where the USB thumb drive can be plugged in and what other devices can
be plugged in at the same time.

We've found this is more of an issue on older computers and less of an
issue (but still can be an issue) on newer computers.
--
Jamie Hunter [MS]


The only other thing I have plugged in to a USB port is my Wireless Mouse.
Computer is a Dell Inspiron 6000 laptop, 2 GHz Pentium M, 2GB RAM that I
bought last summer. The BitLocker Drive Encryption Window says that the
drive configuration is unsuitable for Bitlocker encryption, and that a TPM
was not found. My hard drive is partitioned as follows:

Disk 0 (74.53GB)

55 MB EISA Configuration (no idea what this is), Simple Basic
1.8GB, BitLocker (F Simple, Basic, NTFS, Primary Partition
72.65GB, ERAYLAP2(C, System, Boot, PAgefile, Active Crash, Simple,
Basic, NTFS

Disk 1 (64MB)

BitLocker_ERAYLAP2 (E, USB Stick, Simple, Basic, NTFS, 64MB


--
Edward Ray
CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE