HP Integrity rx2660 Servers User Manual
Page 21
Introduction 21
If HP Smart Update Manager detects a TPM, a pop-up warning message appears.
To enable firmware updates without the need to type in the TPM password on each server, the BitLocker
Drive Encryption must be temporarily disabled. Disabling the BitLocker Drive Encryption keeps the hard
drive data encrypted. However, BitLocker uses a plain text decryption key that is stored on the hard drive
to read the information. After the firmware updates have been completed, the BitLocker Drive Encryption
can be re-enabled. Once the BitLocker Drive Encryption has been re-enabled, the plain text key is
removed and BitLocker secures the drive again.
NOTE:
Temporarily disabling BitLocker Drive Encryption can compromise drive security and
should only be attempted in a secure environment. If you are unable to provide a secure
environment, HP recommends providing the boot password and leaving BitLocker Drive
Encryption enabled throughout the firmware update process. This requires the /tpmbypass
parameter for HP Smart Update Manager or the firmware update is blocked.
To temporarily disable BitLocker support to allow firmware updates, perform the following:
1.
Click Start, and then search for gpedit.msc in the Search Text box.
2.
When the Local Group Policy Editor starts, click Local Computer Policy.
3.
Click Computer Configuration>Administrative Templates>Windows Components>BitLocker Drive
Encryption.
4.
When the BitLocker settings are displayed, double-click Control Panel Setup: Enable Advanced
startup options.
5.
When the dialog box appears, click Disable.
- Integrity rx7640 Server Integrity rx3600 Server Integrity BL870c Server-Blade Integrity BL860c Server-Blade Integrity BL860c i2 Server-Blade SmartStart-Software Integrity rx2800 i2 Server Integrity rx6600 Server Integrity rx8640 Server Integrity Superdome sx2000 Server Integrity BL870c i2 Server-Blade