ProLiant Servers (ML,DL,SL)
1823914 Members
3170 Online
109667 Solutions
New Discussion

Bitlocker on Proliant G10 - Server 2022 core

 
Adam365
Occasional Collector

Bitlocker on Proliant G10 - Server 2022 core

Hi,
We're struggling to get bitlocker active on our Proliant gen 10 server running MS Server 2022 core.
We updated to the latest firmware, enabled TPM, secure boot, uefi in the BIOS.
Unfortunately we still get an error via msinfo32 :
BIOS Mode : EUFI
PCR7 Configuration : binding disabled by policy
Device encryption support : Reasons for failed automatic device encryption: Feature is not available, PCR7 binding is not supported. Un-allowed DMA capable bus/device(s) detected

We already tried to remove all certificates in the BIOS, except the KEK 2K CA2023
Removed the one from HPE, Suse, MS 2011 cert..

 

2 REPLIES 2
PR7
HPE Pro

Re: Bitlocker on Proliant G10 - Server 2022 core

Greetings!

Looks like you have already performed all relevant hardware-level checks and firmware updates
"latest firmware, enabled TPM, secure boot, uefi in the BIOS"

Despite these steps, BitLocker cannot be enabled due to the following issues reported via msinfo32:
PCR7 Configuration: Binding disabled by policy
Device Encryption Support: "Feature is not available, PCR7 binding is not supported. Un-allowed DMA capable bus/device(s) detected"
  
Advising if any OS-level policy or configuration may be interfering with PCR7 or BitLocker
we would appreciate if you could help raise a support case with Microsoft for further investigation.



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
PR7
HPE Pro

Re: Bitlocker on Proliant G10 - Server 2022 core

Hello,
Let us know if you were able to resolve the issue.
If you have no further query, and you are satisfied with the answer then kindly mark the topic as Solved so that it is helpful for all community members.



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo