Documentation for SCCM task sequence deployment orchestrator

Unlock bitlocker

This control is used to unlock bitlocked drives [System, data and USB drives].

Clicking on the ‘Unlock bitlocker’ button will open a new panel.

Click the drive you want to UNLOCK first (Marked as 1)

If you have a recovery key file; import the file by clicking on the “Import from recover key” button. (Marked as 3).

Click “FROM CURRENT DOMAIN” to automatically get the recovery information from the current domain. (Marked as 4).

Click “FROM DIFFERENT DOMAIN” to automatically get the recovery information from a remote domain. (Marked as 5). Please provide credentials for remote domain. (Marked as 2).

Click “FROM MBAM DATABASE” to automatically get the recovery information from MBAM (Microsoft bitlocker administration and monitoring) server. (Marked as 6).

Click “FROM RECOVERY PASSWORD” (Marked as 6) after manually typing the recovery password in the area marked as 8.

USMT data capture options are only displayed in sccmtspsi if an active windows partition is identified.

When using the active directory options. If the machine was bitlocked using a different hostname, change the asset hostname text before using the active directory unlock controls.

Suggest Edit

DCOM hardening issue.

This application fails to authenticate with WMI on the SCCM server because Microsoft has not yet hardened DCOM on their Windows Preinstallation Environment. We are working on a different approach, but it will only be released during the first quarter of 2024. But until that time, the only workaround will be to uninstall the update corresponding to KB5004442.