How to upgrade to Windows 10 with FDE in-place
Install on Machine: Enterprise Endpoint Security E80.90 Windows Clients
Enabled Blade :
1.Sandblast Agent Anti-Ransomware, behavioral guard and Forensics
2.Sandblast Agent Anti-Bot
3.Sandblast Agent Threat extraction and emulation
Emulation: On Cloud
FullDisk Encryption Status: Encrypted
BOOT MODE: UEFI
We are upgrading the version using SCCM.
We try the upgrade from windows 10 (64bit) version 1709 to 1809 but its fail.
I Follow the sk120667 (How to upgrade to Windows 10 1607 and above with FDE in-place).
We did the below Step.
STEP 1: First we check the current UEFI boot mode on Encrypted Machine by going to this location (%ProgramFiles(x86)%\CheckPoint\Endpoint Security\Full Disk Encryption) and run the command "fdecontrol.exe get-uefi-bootmode"
and we see the current boot mode is "BOOTMGFW" so on Next step
STEP 2: I change the boot mode to "BCDBOOT" by command "fdecontrol.exe set-uefi-bootmode bcdboot".
But Still, It Fails to upgrade.
Do You all think that by OFF the "Pre-Boot Environment for FDE" in policy is resolved the issue?
Its very time taking to test on the encrypted machine because on our case its take more than 18 hours to encrypted one Fresh machine.
Also, I have one query when we upgrade Windows via ISO-file then, after changing to "BCDBOOT" mode then we unable to run the below command. (CMD)
setup.exe /ConfigFile "%SystemDrive%\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini"
Kindly help me out what the "exe.setup" stand like which location we run the above command and also about "SetupConfig.ini" file.
Thanks in Advance