W511, Windows8 ENT and Bitlocker

EricGS
EricGS Member Posts: 5 New User

I'm trialling a Iconia W511 and have put Windows 8 Enterprise on it. I need to get it working with Bitlocker but it refuses to start. the TPM chip is enabled and using the correct MS driver. I get the message "A problem occurred during BitLocker setup. You may need to restart BitLocker setup to continue. Error code 0x90284001."

 

Dr Google hasn't thown up anything that helps, so I hoped this community might have some knowledge.

Answers

  • padgett
    padgett ACE Posts: 4,532 Pathfinder

    I would suggest shrinking C a bit, creating a D partition, adding a small file, and trying the bitlocker there. When near enpty it should be fast and running programs won't interfere. This will show if it can run.

     

    Next I'd try booting in safe mode and see if bilocker will work then on C.

     

    I have used Bitlocker on my W510 with Windows to Go so know it can work but am not sure about the 3G drivers for the W511.

  • EricGS
    EricGS Member Posts: 5 New User

    Thanks padgett. Got round it by booting with Shift helfd down. Of course then I ran in to the limitation that you cannot use anything but a USB keyboard orf the BL PIN. The attached Iconia keyboard doesn't work for that and the on-screen keyboard won't be loaded when the PIN appears.

     

    As we require two-factor authentication the only way I can see this being of use is buying a mini numeric keyboard with micro-usb adaptor and requiring our users (who will inevitably be the VIP ones) to carry it around with the device. I'm not sure that will wash.

     

    A shame because the device was almost perfect for our needs. I don't blame Acer, this is Microsoft still being waaaay behind the curve on tablets.

  • padgett
    padgett ACE Posts: 4,532 Pathfinder

    That is strange, I thought the W51x dock was a USB keyboard, it is the W3 that has a BT one. Don't have one so do not know (I use the keyboard/case from my G-tab which is USB). How does it connect ?

  • EricGS
    EricGS Member Posts: 5 New User

    It's not USB unless it's a usb port I don't recognise. W8 certainly doesn't recognise it as such. Not that it matters as we would require it to be used as a fully independant table at times, detached from the keyboard.

  • padgett
    padgett ACE Posts: 4,532 Pathfinder

    It is connected through the bottom connector. Is device manager not finding a keyboard ? Are the battery and USB ports in the dock working ?

     

    Also what version of the BIOS are you using ? On my W510 a touch keyboard comes up to enter the BIOS password when using bare so there is one programmed.

     

    Now I'll have to set one up but thought I had used Bitlocker in conjunction with Windows to Go on my W510 and had no problem (but was a lot of tests of different devices ago).

     

    Of course sometimes things just work because I expect then to 8*).

  • EricGS
    EricGS Member Posts: 5 New User

    padgett, the tablet was connected to the keyboard when I tried to start BL and it didn't recognise it as suitable. Unfortuately I can't really check much more as I've had to revert it to its original state for return to the supplier becasue I only had it for a short evaluation period.

  • padgett
    padgett ACE Posts: 4,532 Pathfinder

    OK I will need to build another WTG Workspace drive to test but the W510 with BIOS v1.0c does have a built in touch keyboard (just used to enter the BIOS password).

     

    Microsoft says " Windows on-screen touch keyboard (such as used by slates) is not available in the pre-boot environment where BitLocker requires additional information such as a PIN or Password."

     

    This is correct since Windows has not loaded its drivers yet however the built in BIOS keyboard is. So the question is whether BitLocker can invoke/use the BIOS keyboard for PP entry. This may require a BIOS level shim.

     

    The issue is that it will take me a couple of hours to create & test a Win 8 Enterprise "Windows to Go" drive with Bitlocker enabled (my test equipment is all personally purchased and I only have one "Workspace" drive at the moment & that has Win 8.1 without Bitlocker at the moment). No Big justmy day job must come first

     

    Suspect I may be one of the few BIOS programmers left not kept in a cage and can say that with an Acer BIOS API it would not be difficult at all, just a matter of redirecting the keyboard request, remember at BIOS time you have a fully functioning computer, just not a Windows (or Linux, or OS/X) computer.

     

    Does anyone really care ?

     

     

  • EricGS
    EricGS Member Posts: 5 New User

    WOW. Talk about going "above and beyond". I haven't even heard of a "BIOS level shim" before, only having dealt with Win7 shims. To say I'm impressed and a little daunted is something of an understatement.

  • padgett
    padgett ACE Posts: 4,532 Pathfinder

    Ignorance is curable. Up through PC-DOS 3.0 IBM used to issue a "Technical Manual" that included BIOS Interrupts (basically everything under 21h) and code. All you needed then was MASM & DASM. The Intel 8086 Technical Guide and the Phoenix System BIOS books were a big help also.

     

    There used to be a whole class of viruses (BRAIN, STONED, etc) that ran at the BIOS level. I was fortunate (?) that my first PC, a Columbia VP-1600 (still have) had a debugger built into the BIOS. I wrote my first anti-virus programs just using DEBUG.

     

    Hard to believe that was over 20 years ago now.

  • robcknight
    robcknight Member Posts: 1 New User

    Hi,

     

    Sorry for the late reply.

     

    I had the same issue with the dock and enabled a simple BIOS password to ensure the Keyboard was active.

     

    Regards,

     


    Rob.

  • padgett
    padgett ACE Posts: 4,532 Pathfinder

    Have found that at BIOS time there is an "accessibility" icon on the bottom left and one selection is an on screen keyboard.

This discussion has been closed.