Saturday 19 August 2017

Server 2012 R2 BitLocker Post Install Error: Unspecified Error

The following error happened on a DC we recently set up and were going to encrypt via BitLocker:

image

C:\Users\USERNAME\AppData\Local\Packages\windows.immersivecont...
C:\Users\USERNAME\Classic_{GUID}.settingcontent-ms
Unspecified error

A quick search turned up a simple fix: Reboot the server a second time.

Sure enough, good to go:

image

As a rule, we deploy a TPM in all of our physical DCs that are deployed with our clusters. They are then encrypted using BitLocker. This greatly reduces the exposure to compromise if someone has physical access to that DC. For virtual DCs, we now have the ability to pass a vTPM through to the guests in Server 2016. We're still in the testing phase, but our plan is to have _all_ domain controllers on networks we manage encrypted!

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
Our Cloud Service

1 comment:

Paul said...

Encrypting servers scares the poop out of me. I've been in enough DR situations where multiple backups have not worked that I always take a little comfort in being able to recover the data from the disks themselves.

I no doubt will be encrypting servers soon though.