I have a Standard Client Task Sequence called NEWCOMPUTER which deploys a custom Windows 7 ENT SP1 64-bit .wim to laptop computers. I am attempting to have Bitlocker encrypt the disk when MDT installs the .wim. My test system is a Dell Latitude D630 which has a built-in TPM chip, and it is enabled and activated in the system BIOS. After the task sequence installs the .WIM on the computer and runs the Enable Bitlocker step in State Restore and reboots the system, the system does not boot up. After the BIOS checks the memory, it goes to a screen that says:
Remove disks or other media. Press any key to restart.
So there is something wrong with the boot process. Any ideas? My bitlocker settings in Customsettings.ini are:
SkipBitLocker=NO
BDEInstall=TPM
BDEInstallSuppress=NO
BDEWaitForEncryption=TRUE
BDEDriveSize=512
BDEDriveLetter=S:
BDERecoveryKey=AD
BDEKeyLocation=\\192.168.122.2\f$\bitlocker_keys
BDEAllowAlphaNumericPin=Yes
If I remove these settings, the task sequence installs Windows 7 properly, but the drive is not encrypted with Bitlocker.