Question Using Intel PTT instead of TPM with Bitlocker

rleonekc

Reputable
Feb 23, 2016
6
0
4,510
Hey everyone

I have identical devices I'm working with.

These devices do not have a TPM chip, but instead use Intel PTT.

Machine 1: I was able to go into control panel and encrypt one of the devices without any issues. This device encrypted fully without errors.

Machine 2: The other device will not. It says "The startup options are configured incorrectly".
If i go into GPEDIT > Administrative Templates > Windows Components > Bitlocker Drive Encryption > Operating System Drives - Require Additional authentication at startup. If i click ENABLE...then it allows me to encrypt.
The problem with this is it requires you to have a flash drive in the machine or enter a password manually. So every time the device reboots it will prompt for the bitlocker password or USB key. These are faceless devices that aren't interacted with.

Machine 1 does not have that group policy setting enabled. It reboots without prompting for bitlocker.

These devices are 100% identical, purpose built appliances that my company had designed. Running identical builds of windows 10.

Any ideas??? I'm stumped. I had a call with Intel and they don't know what the issue is.