How to Enable Trusted Platform Module Using a ConfigMgr 2007 Task Sequence

OS and Applications

OS and Applications
Dell OS and Applications Solutions on Dell TechCenter - Project Sputnik, Microsoft Windows, Red Hat Linux, SUSE, Ubuntu, and more

OS and Applications - Wiki

How to Enable Trusted Platform Module Using a ConfigMgr 2007 Task Sequence

OS and Applications - Wiki

Follow these steps for creating a task sequence to Enable TPM on a Dell Business Client System (Latitude, Optiplex, or Precision Workstation).

This example will use the Dell Client Configuration Toolkit in a ConfigMgr task sequence. If you need to enable TPM on systems that have the Dell OpenManage Client Instrumentation installed, You can call the Sample VBScripts directly from your task sequence, if you prefer.

Read the whitepaper and download sample scripts and sample task sequence: How to Enable Trusted Platform Module (TPM) on Dell Business Client Systems

The following steps describe how to prepare a ConfigMgr 2007 Task Sequence to Activate TPM as well as enable Windows® BitLocker® Drive Encryption. This is a sample task sequence that can be used with traditional software distribution, as well as it could be integrated into your Operating System Deployment Task Sequence. From the whitepaper "Enabling TPM on Dell Business Client Systems", a BIOS password is required in order to enable and activate TPM. This Task sequence automates the required steps.

  1. Download and Install the latest version of the Dell Client Configuration Toolkit (CCTK)
    1. http://support.dell.com/downloads
    2. Select a business client model (Latitude, OptiPlex, etc)
    3. Under "Systems Management", select the "Dell Client Configuration Toolkit"
    4. Extract and Install on a supported operating system.
  2. Create ConfigMgr Packages for X86 and X64 CCTK, and Import the "Dell Enable TPM" Task Sequence
    1. Copy %ProgramFiles%\Dell\CCTK\* to a location that will be used for Configuration Manager. You will have two subfolders, x86, and x86_64
    2. Create two ConfigMgr Packages, using the source directory for x86, and x86_64. Send to Distribution Points
    3. Import the DellEnableTPM.xml Task sequence.
  3. Configure the Task Sequence
    1. Notice the Task Sequence has been divided into two groups – one for x86 and one for x64 platforms. The group uses WMI Filters to ensure that the Task Sequence steps only run on Dell clients with the appropriate Operating System Architecture. You can view/modify these as necessary.
    2. For each of the steps in the Task Sequence, specify the appropriate package. (all x86 steps require the x86 CCTK package, and the x64 steps require the x64 CCTK package) Enable TPM Task Sequence for ConfigMgr
    3. Notice in the previous image, we set a BIOS password. Modify this to your needs. If you already have a BIOS password, you can disable this step. Be sure to view/modify the other steps in this Task Sequence as needed.
    4. Also notice that a "Restart Computer" step was disabled for both x86 and x64. Depending on the model of your Dell, an additional reboot may be required between enabling TPM and Activating TPM.
    5. The final step is to Enable Bitlocker – review the Microsoft TechNet documentation at http://technet.microsoft.com/en-us/library/bb632526.aspx for Bitlocker requirements. From the document, you will see that Bitlocker requires two partitions. You can use the Bitlocker Drive Preparation Tool (BdeHdCfg.exe) to reconfigure drives prior to enabling Bitlocker. See http://technet.microsoft.com/en-us/library/ee732026(WS.10).aspx for more information.

Read the whitepaper and download sample scripts and sample task sequence - How to Enable Trusted Platform Module (TPM) on Dell Business Client Systems

Comments