Wiki source code of PIN wird nicht erstellt (Pre-Boot-Tastatur wird nicht gefunden)
Last modified by Sabrina V. on 2024/10/08 11:35
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
1.1 | 1 | {{aagon.priorisierung}} |
| 2 | 160 | ||
| 3 | {{/aagon.priorisierung}} | ||
| 4 | |||
| 5 | {{aagon.floatingbox/}} | ||
| 6 | |||
| |
7.1 | 7 | = Initial situation = |
| |
1.1 | 8 | |
| |
7.1 | 9 | When BitLocker is enabled on a tablet with a startup PIN, you may experience the following difficulties because: |
| |
1.1 | 10 | |
| |
7.1 | 11 | 1. the PIN is not prompted at startup, |
| 12 | 1. the key protectors are no longer enabled after the restart, and | ||
| 13 | 1. the PIN, which must be entered and saved by the user, must be reassigned each time the system is restarted. | ||
| |
1.1 | 14 | |
| |
7.1 | 15 | A keyboard is required to enter the PIN when the system is rebooted. If no keyboard is recognised on the first reboot after the key guard //PIN// has been created, the key guard will be deleted from the system. This is necessary so that the user is not locked out. |
| |
1.1 | 16 | |
| |
7.1 | 17 | Mobile devices rarely have a keyboard attached, so a pre-boot keyboard is required. The pre-boot keyboard may be disabled and needs to be enabled via Group Policy „//Enable the use of BitLocker authentication with required keyboard entry before booting on slates//“. |
| |
1.1 | 18 | |
| |
7.1 | 19 | == To configure via Group Policy == |
| |
1.1 | 20 | |
| |
7.1 | 21 | 1. Open Group Policy Editor and navigate to //Computer Configuration //> //Administrative Templates //> //Windows Components// > //BitLocker Drive Encryption// > //Operating System Drives//. |
| 22 | 1. Open the „Enable use of BitLocker authentification with required keyboard input before booting on slates“. | ||
| |
1.1 | 23 | |
| 24 | {{figure}} | ||
| 25 | (% style="text-align:center" %) | ||
| 26 | [[image:66_BitLocker Use Case_Editor für lokale Gruppenrichtlinien_1538.png]] | ||
| 27 | |||
| 28 | {{figureCaption}} | ||
| |
7.1 | 29 | Setting local Group Policies for operating system drives |
| |
1.1 | 30 | {{/figureCaption}} |
| 31 | {{/figure}} | ||
| 32 | |||
| |
7.1 | 33 | 3. Click the Enabled radio button, then click //Apply //and //OK //to save the changes. |
| |
1.1 | 34 | |
| 35 | {{figure}} | ||
| 36 | (% style="text-align:center" %) | ||
| 37 | [[image:66_BitLocker Use Case_Verwendung der BitLocker-Authentifizierung_686.png]] | ||
| 38 | |||
| 39 | {{figureCaption}} | ||
| |
7.1 | 40 | Enabled BitLocker authentication settings |
| |
1.1 | 41 | {{/figureCaption}} |
| 42 | {{/figure}} | ||
| 43 | |||
| |
7.1 | 44 | 4. If the PIN is enabled, it is not possible to enter the PIN using the pre-boot keyboard at startup. |
| |
1.1 | 45 | |
| |
7.1 | 46 | == Alternative: Enabling Group Policy via the registry == |
| |
1.1 | 47 | |
| |
7.1 | 48 | If you prefer to customise Group Policy or settings via the registry value, follow these steps: |
| |
1.1 | 49 | |
| |
7.1 | 50 | 1. Open Registry Editor and navigate to //HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE//. |
| 51 | 1. Create a 32-bit DWORD value with the name „//OSEnablePrebootInputProtectorsOnSlates“ //and the value „1“. | ||
| |
1.1 | 52 | |
| 53 | {{figure}} | ||
| 54 | (% style="text-align:center" %) | ||
| 55 | [[image:66_BitLocker Use Case_Registry Wert eintragen_938.png]] | ||
| 56 | |||
| 57 | {{figureCaption}} | ||
| |
7.1 | 58 | Customise the registry value |
| |
1.1 | 59 | {{/figureCaption}} |
| 60 | {{/figure}} | ||
| 61 | |||
| |
7.1 | 62 | 3. The adjusted registry value will be taken into account the next time the system is rebooted. |