I am having a problem with certain Lenovo models where BitLocker fails to enable during OSD with MDT. I get error:
FAILURE ( 6767 ): -2144272340 0x8031002C: Enable BDE Protectors
I can enable BitLocker manually just fine after OSD has completed.
When I compare the ZTIBDE.log's from a device that failed to one that succeeded, I see the following in the failure's log:
"This is a Refresh Build where BDE protectors were disabled."
It looks like the EnableBitLocker step tries to unsuspend BitLocker instead of enabling it for the first time.
I cannot figure out why the task sequence thinks it's a Refresh deployment at that point. Just 3 seconds before the failure message from trying to enable BitLocker, I see this in the BDD.log:
DeploymentType = NEWCOMPUTER
Nowhere do I see DeploymentType = REFRESH. Why would the task sequence suddenly think it's a Refresh type?
It's MDT 8456. Win10 1909. The 3 models that fail: Lenovo L480, L490, X1 Yoga Gen 5. The BIOSes are the latest from the vendor.
Skip