Windows 10

Windows 10 is the latest Operating system released by Microsoft. Microsoft releases 2 major versions of Windows 10 every year. Win 10 is more a mobile operating system than the traditional one. Most of the management activities of Win 10 happens through OMA-DM channel.

Most relevant management channel of Win 10 is MDM instead, of the traditional WMI management. Win 10 security architecture is made based on 3(three) principles. Those three(3) security principles are protect, detect, and respond.  Win 10 pre-breach mitigation is aimed at device protection and threat resistance. Following are the main pillars of Window 10 security architecture.

As per my analysis this Spring Creators update has many security improvements. Following are some of my favourite security enhancement in Win 10 1803 Spring Creators update. I have some other posts on Win 10 security topics, and I recommend to read those to get more details about the Win 10 security road-map and architecture.

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module 1

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module? Do you use virtual Windows 10 machines to test the Intune and SCCM policies?

Have you tried to enable BitLocker in a HyperV/VMware virtual machine? Did you ever receive the following error while you tried to enable BitLocker on Windows 10 Virtual Machines?

This Device Can’t Use a Trusted Platform module. Your administrator must set the “Allow Bitlocker without a compatible TPM” option for OS volumes in the “Required additional authentication at startup” policy.

The video below provides a more detailed demonstration. This post helps you show more details about enabling Bitlocker on HyperV and handling error devices that cannot use a trusted platform module.

How to Enable Bitlocker on Hyper V Windows10 Virtual Machine

The video demonstrates resolving the error message “This Device Can’t Use a Trusted Platform Module. Your administrator must set the ‘Allow BitLocker without a compatible TPM’ option in the ‘Require additional authentication at startup’ policy for OS volumes.”

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module – Video 1

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module

Let’s discuss how to enable Bitlocker on HyperV and handle the error device that cannot use a trusted platform module. The screenshot below shows the error message “This device can’t use a Trusted Platform Module.

Your administrator must set the ‘Allow BitLocker without a compatible TPM‘ option in the ‘Require additional authentication at startup’ policy for OS volumes.”

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module - Fig.1
How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module – Fig.1

How to Enable Bitlocker on HyperV

BitLocker will be automatically enabled on modern instant-go devices like Surface Pro 3, Surface Pro 4, etc. However, for other Windows 10 devices, each user needs to enable BitLocker via another method. BitLocker can be enabled using Windows 10 MDM policies, Group Policies, SCCM Policies, etc.  

All the above BitLocker enablement process is more or less straightforward. However, enabling BitLocker on Windows 10 virtual machines is not straightforward. When we try to enable BitLocker from “This PC” or “Control Panel.” 

The user needs to enable the following group policy (GPEDIT.MSC) on the Windows 10 VM to eliminate the TPM error while enabling the BitLocker.

Enabling Group Policy to Resolve TPM Error for BitLocker on Windows 10 VM
Local Computer Policy –> Computer Configuration –> Administrative Template –>
Windows Components –> Bitlocker Drive Encryption –> Operating System Drives –> Require additional authentication at startup –> ENABLE  
How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module - Fig.2
How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module – Fig.2

Another important option in the BitLocker enablement process is saving the recovery key. We have four options for saving the BitLocker key: save to your Microsoft accounts, save to a USB flash drive, save to a file, or print the recovery key. How to Enable BitLocker on HyperV and Handle Error Device CanNot Use a Trusted Platform Module.

How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module - Fig.3
How to Enable Bitlocker on HyperV and Handle Error Device Cannot Use a Trusted Platform Module – Fig.3

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

How to Download the Latest Version of Windows 10 ISO 3

How to Download the Latest Version of Windows 10 ISO

This is a quick post and video about “How to Download the Latest Version of Windows 10 ISO.” There are three methods for downloading the Windows 10 anniversary update (1607).

How to download Windows 10 ISO? Login to TechNet Evaluation Center with Hotmail/Outlook/Live ID and Download Free Windows 10 ISO – Enterprise version. This evaluation is to test Windows 10 1607 for free for 90 days.

How to download Windows 10 ISO 1607 Anniversary update from MSDN? Login to the MSDN Subscriptions Center (for Visual Studio/MSDN subscribers) from here and download the Windows 10 ISO.

In this post, you will find all the details on how to Download the Latest Version of Windows 10 ISO.

How to Download the Latest Version of Windows 10 ISO - Fig.1
How to Download the Latest Version of Windows 10 ISO – Fig.1

How to Download Windows 10 ISO 1607 Anniversary Update from VLSC? – How to Download the Latest Version of Windows 10 ISO

You can log in to the Volume Licensing Service Center (for Volume License customers) from here and download the Windows 10 ISO.

If you already use Windows 10 1511, you can get the updated version from Settings –> Update and Security. How do you download Windows 10 Anniversary Update 1607 for your home machines? How do you Download the Latest Version of Windows 10 ISO?

Download the Latest Version of Windows 10 ISO
Download Windows 10, version 1607 update from Windows Update or Windows Update for Business.
If updates are not appearing on your Windows 10 machine, use the Windows 10 Update Assistant utility.
Download Link
How to Download the Latest Version of Windows 10 ISO – Table 1

SCCM Related Posts Real World Experiences Of SCCM Admins

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.