Best Practices Question

Bitlocker Pre-Provisioning with the K2000... Any interest in making a how-to?

02/17/2016 3681 views
Hi there we currently have the Dell K2000 imaging our Windows 7/8/10 computers with Bitlocker Pre-Provisioning enabled before deploying the OS to the harddrive. I am contemplating on whether to make a write-up on how to achieve this. Is there any interest in such a write-up? 

6 Comments   [ + ] Show comments


  • 15 views, but no answers...
    Is the method you use specific to KACE, or could it be adapted for other EDS systems? Either way it would make interesting reading for me :-)
    • Yes specific to using KACE. Creating Win10PE KBE with custom features added to WinPE using DISM (to enable manage-bde for bitlocker provisioning). Then pre-installation steps to use CCTK to check/enable/activate TPM and reboot if needed to recognize TPM in WinPE. All that's left after that is to format your drive and encrypt then deploy. I also have implemented Microsoft Bitlocker Administration 2.5 SP1 to encrypt key and escrow to MBAM server and Active Directory. I'll likely end up making a how-to in the future on this. It took time to piece it all together since how-to's for doing so is more specific toward SCCM. Will give it a few days to see if any other K2000 users are interested.
    • Take a look at what I've got going so far. http://www.itninja.com/blog/view/dell-k2000-windows-7-8-10-with-bitlocker-pre-provisioning
  • You should blog this, a lot of time people will read articles and then think I can use this, it is less work then how we do it currently. VS being stuck looking for that specific answer to fix it
    • contributions like that are what ITNinja is about.
      • http://www.itninja.com/blog/view/dell-k2000-windows-7-8-10-with-bitlocker-pre-provisioning
  • I would be interested yes. We are just in the research phase of deploying Bitlocker in our organisation and this would be extremely useful for us.
  • Sorry we have been going through an audit. I will start putting this together soon. I hope to have it done next week.
  • Content will be added as I can get it together

  • Content has been added. Please feel free to critique.

All Answers


Yes, I need this script badly.

I also have my AD configured to store the recovery keys. I need to enable bitlocker as a post installation task. you have to be logged into the domain as an admin to store the keys.

any help would be greatly appreciated.

I used Microsoft SCCM to do this job before and it worked perfectly.

Answered 05/18/2016 by: burgess1
White Belt

  • This is the process I use to do so with the K2000.

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ