Solved

Getting error an error has occured setting the element data the value is protected by secure boot policy

Posted on 2014-02-25
6
4,112 Views
Last Modified: 2014-02-26
I have just built a Hper-v Server :

Hardware:

HP Proliant Dl380 G7 8 X 10k 300GB SAS drives, 128GB ram 12 core running at 2.9 ghz

I have created 2 volumes at the hardware level. 1 Mirror using 2 300GB drives where I installed the Hyper-V Controller. I then created a raid 5 volume with the other six drives.

Everything ok at this point I was able to create large volume which will house the Virtual machines on the raid partition and formated the volume with NTFS and created a large E: drive.

I have already created the 2  Virtual machines 1 is a Domain controller and the other a fileserver.

The problem is a support person for this accounting firm that I am doing the job firm needs to migrate data from the old server to the new file server.

he has attempted to do the following command on the fileserver:

bcdedit /set nx AlwaysOff

and is getting the following error:

an error has occured setting the element data the value is protected by secure boot policy and cannot be modified or deleted

All vm's are windows server 2012 r2

I hope someone can shed some light on this as the migration needs to start in 2 days.

Thanks in advance.
0
Comment
Question by:cdsaus
  • 3
  • 2
6 Comments
 
LVL 16

Accepted Solution

by:
Shaik M. Sajid earned 250 total points
ID: 39888024
Note  Before setting BCDEdit options you might need to disable or suspend BitLocker and Secure Boot on the computer.

http://msdn.microsoft.com/en-us/library/windows/hardware/ff542202%28v=vs.85%29.aspx
0
 
LVL 29

Assisted Solution

by:Paul Jackson
Paul Jackson earned 250 total points
ID: 39888025
You need to go into the BIOS and disable the Secure Boot option
0
 

Author Comment

by:cdsaus
ID: 39888337
I cannot find any secure boot option in the HP Proliant DL380 G7 BIOS and the Bitlocker option is not installed in the particular VM where they are trying to do the command.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 39888362
0
 

Author Comment

by:cdsaus
ID: 39888442
Thanks for your reply, I don't think that is going to help me unless I have read it wrong.
We have setup a completely new environment, no migration required for roles or anything
everything is brand new.

The accounting software people want to transfer data from the old server to the new one. They do have access to the old server but they have tried to run the following

bcdedit /set nx AlwaysOff

and is getting the following error:

an error has occured setting the element data the value is protected by secure boot policy and cannot be modified or deleted

This is a virtualised machine running on Hyper-V and are running the command via dos prompt with admin rights.

I have looked at everything recommended but cannot find how to overcome this error.
0
 

Author Comment

by:cdsaus
ID: 39890763
Have resolved the problem, it was the Secure_Boot option in the Hyper-V config file for the
virtual machine. I set the secure boot option to False. I had to shut down Hyper-V manager Service  in order to update the file. Once that was done, I restarted Hyper-V Manager Service and rebooted the machine. Once logged in I opened up a administrator elevated command prompt and entered 'bcdedit /set nx AlwaysOff ' this came back successful this time. After a reboot the DEP options in the windows tab were greyed out. This is what they were trying to achieve.

Thanks for all the suggestions.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

My GPO's made for 2008 R2 servers were not allowing me to RDP into a new 2012 server by default.  That’s why I tried to allow RDP via Powershell, because I could log into a remote shell without further configuration. Below I will describe how I wen…
The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now