Loading...
Tip:
You can use the Winlog dialog box, go to Dell Thin Client ApplicationDell Wyse Winlog) to
disable Auto Log. You can easily log on as an administrator when you need to restart your thin
client. For more information, see Dell Wyse Winlog.
To use TPM and BitLocker:
1. Ensure that the TPM-supported client is running the latest WE7P build, that also supports TPM.
2. Log in as an Administrator.
a. Enter the BIOS. On the BIOS configuration pane, click the Security tab and under TPM Support,
enable TPM. For more information, see Accessing Thin Client BIOS Settings.
The TPM Configuration pane appears.
b. Select TPM Configuration and press Enter.
c. Under Change TPM Status, press Enter and select Enabled and Activate.
d. To save your changes, press the F10 key.
e. When the Physical Presence Screen that appears prompts, press the Y key to accept the changes
and restart the thin client.
3. Restart the client to the OS. Verify that the OS has a separate system partition which contains the files
needed to start the client. By default the system partition is an active partition.
4. Click the Services icon in the Component Services console to start the Services.msc, double-click
HAgent in the Name list of the Services window of the Component Services console to open the
HAgent Properties dialog box, set the Startup type to Manual, and then click the Stop button to stop
the HAgent service.
5. On the Windows desktop, click Start Run, type Gpedit.msc in the Open box, and then press the
Enter key to open the Local Group Policy Editor window.
6. To open the Require additional authentication at startup window, go to Local Computer Policy
Administrative TemplatesWindows Components BitLocker Driver Encryption Operating
System Drives Require additional authentication at startup.
7. In the Require additional authentication at startup section, select the Enabled option and clear the
Allow BitLocker without a compatible TPM option.
8. To open the Configure TPM platform validation profile window, go to Local Computer Policy
Administrative Templates Windows Components BitLocker Driver Encryption Operating
System DrivesConfigure TPM platform validation profile.
9. In the Configure TPM platform validation profile section, select the Enabled option and clear the
PCR4, PCR5, PCR8, PCR9 and PCR10 validation profiles.
10. Once the above policies are set, force update the policies using the gpupdate/force command or
reboot the client.
11. On the Windows desktop, click StartRun, type tpm.msc in the Open box, and then press the
Enter key to open the TPM Administration window or you can click StartControl Panel
BitLocker Drive EncryptionTPM Administration where you can verify that the Initialize TPM
option is enabled; if this option is disabled, then clear the TPM by using the Clear TPM option, reboot
the client, and then repeat this step to verify that the Initialize TPM option is enabled.
12. After verifying that the Initialize TPM option is enabled, click Initialize TPM, and then reboot the
client.
13. After reboot, TPM will be initialized and it involves enabling and taking ownership of TPM.
14. Now you can use the Turn On BitLocker link to turn on the BitLocker C drive encryption in the
BitLocker Drive Encryption Properties dialog box. To use this clickStart Control Panel
BitLocker Drive Encryption icon.
21
Loading...
Terms of Use | Privacy Policy | DMCA Policy
2006-2020 Rsmanuals.com