There are a few new Bitlocker features for the OS Deployment in SCCM 2012 SP1 Beta related to Windows 8.
In Windows 7, the encryption ot a volume takes several hours. Working in this time is lazy… With WinPE 3.0 it’s possible to activate Bitlocker BEFORE intalling the operating system –> it’s named “pre-provisioning”.
Pre-Provisioning generates a random encryption key (clear protector), which is used to encrypt the volume. After installing Windows 8 you have to activate Bitlocker – otherwise the status will be “Waiting for Activation”.
In SCCM, pre-provisioning is included in the task sequence. Creating a default task sequence (Install an existing image package) you have the option “Configure task sequence for use with Bitlocker”.
This will add the step “Pre-provision BitLocker”. By default this task is not running if the computer does not have a TPM or when TPM is not enabled.
At the end of the task sequence you can find the known feature “Enable BitLocker”. But take a look on it, you have now more options:
You can enable a PIN!
Enjoy the new features…