Symptoms

Table of Contents: Updating BIOS BitLocker EnabledUpdated BIOS and BitLocker is showing an error.Solution 1. Updating BIOS with BitLocker When updating the BIOS on a system with BitLocker Enabled > be aware of the below. Caution: If BitLocker is not suspended, the next time you reboot the system it will not recognize the BitLocker key.You are then prompted to enter the recovery key to progress, and the system asks for this on each reboot. If the recovery key is unknown, this can result in data loss or unnecessary operating system reinstall.

Cause

2. BIOS revisions causing an issue with BitLocker BIOS revisions listed below have been found to cause an error with BitLocker where it will not enable/resume when the Trusted Platform Module (TPM) is in TPM 2.0 mode. If you have recently updated your system BIOS to the version below. Update again to the new version available on Dell Support Site to resolve the issue. Note: It is recommended that you download and install the latest BIOS version from the Dell Drivers & Downloads website. Platform Affected BIOS Version Latitude 7275 1.1.29 Latitude 5175 / 5179 1.0.22 Latitude 7370 1.11.4 Latitude E7270/E7470 1.14.3 Latitude E5270/E5470/E5570 1.13.3 Precision 3510 1.13.3 Precision 7510/7710 1.11.4 Caution: It is recommended that customers do not install a demoted BIOS, for any reason, even if they have a local copy. Always ensure that if a BIOS update is being carried out that the latest version is used.

Resolution

3. Solution Note: If the BitLocker icon is not seen, this could be down to restrictions put in place by system administrators. If so contact your system administrator for assistance. Method One: The easiest solution is to suspend BitLocker before updating the BIOS. Click Start Go to Control Panel > System and Security > BitLocker Drive Encryption Select Suspend Protection (you may be prompted to select yes to confirm this). You can now update the BIOS (latest can be downloaded from the Dell Support Website). See this Video Guide for help on updating the system BIOS. Or article How to update the BIOS on a Dell System After BIOS updated you can then Resume Protection Method Two: Edit group policy for BitLocker. Click Start. In the Search box, type gpedit.msc and press Enter. Note: The system user must have administrator right to edit group policy. Local Computer Policy should be displayed, and options for Computer Configuration and User Configuration. Under Computer configuration, click Administrative Templates. Open Windows Components. Click BitLocker Drive Encryption folder. In the right pane, click Configure TPM Platform Validation Profile. Double-click the Require additional authentication at startup policy. Set the policy for Disabled. Click Apply, then OK. Restart the system. Once the BIOS is updated, repeat these steps and Reenable BitLocker. Method Three: Edit group policy for BitLocker. Click Start. In the Search box, type services and press Enter Scroll down and double-click BitLocker Disk Drive Encryption Service. Under General Tap on the open window, next to Start up type click the drop-down box (manual) the select Disable Under Services Status, click Stop. See these Dell Knowledge Base articles for related information: How to Successfully Update the TPM Firmware on your Dell ComputerUsing scripting or automation for TPM firmware updates from DellTPM Option Is Missing in the System BIOS Setup Latitude, Precision, or XPSHow to Troubleshoot and Resolve Common Issues with Trusted Platform Module (TPM) and BitLockerAutomatic Windows Device Encryption or BitLocker on Dell Computers

Support Cases