One of the main security features of Microsoft Windows Vista is BitLocker Drive Encryption. It can be enabled either through the use of the TPM 1.2 security chip on the system or a USB 2.0 flash drive, to save your recovery key.
Refer to the system list above to see which system support BitLocker Drive Encryption.
Any of the following systems that support BitLocker Drive Encryption with either TPM 1.2 or USB 2.0 flash drive and running Microsoft Windows Vista:
- ThinkPad G50
- ThinkPad R51e, R52 (with Machine Type: 1846, 1847, 1848, 1849, 1850, 1870), R60e
- ThinkPad T43 (with Machine Type: 2668, 2669, 2678, 2679, 2686, 2687), T43p, T60, T60p
- ThinkPad X41, X41 Tablet
- ThinkPad Z60m, Z60t, Z61e
- 3000 C200, N100, V100
Systems that do not support BitLocker Drive Encryption with both TPM 1.2 and USB 2.0 flash drive:
- ThinkPad R50, R50e, R50p, R51, R52 (with Machine Type: 1858, 1859, 1860, 1861, 1862, 1863, 1958)
- ThinkPad T41, T41p, T42, T42p, T43 (with Machine Type: 1871, 1872, 1873, 1874,1875, 1876)
- ThinkPad X31, X32, X40
This is the limitation of the system board and/or BIOS in the systems.
- With a computer without a TPM1.2 compliant security chip, when you run BitLocker, a warning message will be displayed "A TPM was not found. A TPM is required to turn on BitLocker. If your computer has a TPM, then contact the computer manufacturer for BitLocker-compatible BIOS."
- With a computer with a TPM1.2 compliant security chip, when you run BitLocker, there is no screen to save "Startup key" in the USB drive in the wizard.
Systems that support BitLocker Drive Encryption with either TPM 1.2 or USB 2.0 flash drive and are running Windows Vista:
- ThinkPad R60
- ThinkPad T60, T60p
- ThinkPad X60, X60s, X60 Tablet
- ThinkPad Z61m, Z61p, Z61t
Systems that support BitLocker Drive Encryption without TPM 1.2, only with USB 2.0 flash drive
- ThinkPad G50
- ThinkPad R51e, R52 (with Machine Type: 1846, 1847, 1848, 1849, 1850, 1870), R60e
- ThinkPad T43 (with Machine Type: 2668, 2669, 2678, 2679, 2686, 2687), T43p, T60, T60p
- ThinkPad X41, X41 Tablet
- ThinkPad Z60m, Z60t, Z61e
- 3000 C200, N100, V100
You must must enable the BitLocker group policy setting for the Control Panel Advanced Startup Options by running gpedit.msc. Refer to the BitLocker step-by-step guide.
This is by design as part of an intentional design by Windows Vista.
If your BIOS is older, you may find that BitLocker will not work on a system with the TPM 1.2 security chip.
Any of the following systems with the TPM1.2 security chip and running Windows Vista:
- ThinkPad R60
- ThinkPad T60, T60p
- ThinkPad X60, X60s, X60 Tablet
- ThinkPad Z61m, Z61p, Z61t
Install the latest BIOS available from the Lenovo Support & downloads Web site. The latest BIOS supports Bitlocker.
For BitLocker to work with TPM 1.2, the appropriate BIOS which supports BitLocker is necessary.
The error message "Compatible TPM cannot be found" appears after installing the Trusted Platform Module (TPM) 1.1 device driver and making sure the security chip is enabled in BIOS.
Any of the following systems that support the TPM 1.1 and are running Windows Vista:
- ThinkPad R52
- ThinkPad T42, T42p, T43, T43p
- ThinkPad X41, X41 Tablet
- ThinkPad Z60t, Z60m
The affected systems do not support TPM1.2.
This is by design of Windows Vista, TPM1.1 is not supported by the TPM Management console.
If the BIOS is updated after enabling BitLocker on the system that has TPM1.2 security chip, the operating system shows the BitLocker Drive Encryption Information message and does not boot until the recovery password has been entered.
Any of the following systems with the TPM1.2 security chip and running Windows Vista:
- ThinkPad R60
- ThinkPad T60, T60p
- ThinkPad X60, X60s, X60 Tablet
- ThinkPad Z61m, Z61p, Z61t
Disable BitLocker by selecting "Turn Off BitLocker" of "BitLocker Drive Encryption" in the Control Panel if BitLocker is enabled before updating the BIOS.
This is caused by Windows Vista. Windows Vista does no implement any logic to tell BitLocker enable/disable the status from the BIOS to the operating system or provide ways for the BIOS to update the program to detect the BitLocker status.
|
