You may have used The BitLocker Frontend HTA from windows-noob.com which makes Deploying Windows 7 with BitLocker easy even using these three scenarios
* Backup old
* Refresh Computer
* New Computer
In addition to this the HTA offered additional features one of which is the ability to add language packs during the installation (Swedish, Norwegian, Finnish, Danish). This is fully customizable so you could add whatever languages you want including multiple languages.
However a bug has recently shown itself which I found very interesting as it only showed itself when you Deployed Windows 7 with a language pack and with BitLocker enabled via a script (which is the method used in the HTA). The script is called EnableBitLocker.vbs.
So first of all, why am I enabling BitLocker via a script instead of using the Enable BitLocker step ? well the script (which is very kindly supplied by Microsoft) offers more options, it’s more customizable and does better logging, for example if you want to change the encryption level to AES 256 then you’ll need to use the script to do so.
The script contains some code to check certain TPM functionality and the expected result (boolean) is either True or False, however the script as provided looks for the string “True” or “False” which of course are strings of text in English.
When these TPM checks are run on a system that has say the Norwegian Language pack installed previously, the result returned from the WMI call will be “Sann” or “Usann” (the Norwegian equivalent of True and False). I spotted this by examining the BitLocker.txt log generated by the Enable BitLocker via a script step in the task sequence, the actual step ran through with no error but the computer was not BitLockered. Below is the snippet from the Log generated which revealed the problem.
Ok so what was the fix ? well by changing the script from looking for string values “True” “False” to using pure boolean the solution was easy.
I’ve attached the working script which works with multi-languages and English too, simply use this one in your Enable BitLocker Via a script step instead of the original script (as in this screenshot from The BitLocker HTA
don’t forget to set your options so the step runs in the correct group
and lastly, you need to repeat this exercise for your Configure and Enable BitLocker REFRESH group also (replace that step with this one, and change the options to look for EnableBitLockerRefresh Equals True).
Download the EnableBitLocker_Multi.vbs script here –EnableBitLocker_Multi
Thanks go to Fredrik for helping me with the Logic.
cheers
niall.
