Getting error an error has occured setting the element data the value is protected by secure boot policy

Jim Nicolis
Jim Nicolis used Ask the Experts™
on
I have just built a Hper-v Server :

Hardware:

HP Proliant Dl380 G7 8 X 10k 300GB SAS drives, 128GB ram 12 core running at 2.9 ghz

I have created 2 volumes at the hardware level. 1 Mirror using 2 300GB drives where I installed the Hyper-V Controller. I then created a raid 5 volume with the other six drives.

Everything ok at this point I was able to create large volume which will house the Virtual machines on the raid partition and formated the volume with NTFS and created a large E: drive.

I have already created the 2  Virtual machines 1 is a Domain controller and the other a fileserver.

The problem is a support person for this accounting firm that I am doing the job firm needs to migrate data from the old server to the new file server.

he has attempted to do the following command on the fileserver:

bcdedit /set nx AlwaysOff

and is getting the following error:

an error has occured setting the element data the value is protected by secure boot policy and cannot be modified or deleted

All vm's are windows server 2012 r2

I hope someone can shed some light on this as the migration needs to start in 2 days.

Thanks in advance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
Note  Before setting BCDEdit options you might need to disable or suspend BitLocker and Secure Boot on the computer.

http://msdn.microsoft.com/en-us/library/windows/hardware/ff542202%28v=vs.85%29.aspx
Paul JacksonSoftware Engineer
Top Expert 2011
Commented:
You need to go into the BIOS and disable the Secure Boot option
Jim NicolisIT Professional

Author

Commented:
I cannot find any secure boot option in the HP Proliant DL380 G7 BIOS and the Bitlocker option is not installed in the particular VM where they are trying to do the command.
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

Jim NicolisIT Professional

Author

Commented:
Thanks for your reply, I don't think that is going to help me unless I have read it wrong.
We have setup a completely new environment, no migration required for roles or anything
everything is brand new.

The accounting software people want to transfer data from the old server to the new one. They do have access to the old server but they have tried to run the following

bcdedit /set nx AlwaysOff

and is getting the following error:

an error has occured setting the element data the value is protected by secure boot policy and cannot be modified or deleted

This is a virtualised machine running on Hyper-V and are running the command via dos prompt with admin rights.

I have looked at everything recommended but cannot find how to overcome this error.
Jim NicolisIT Professional

Author

Commented:
Have resolved the problem, it was the Secure_Boot option in the Hyper-V config file for the
virtual machine. I set the secure boot option to False. I had to shut down Hyper-V manager Service  in order to update the file. Once that was done, I restarted Hyper-V Manager Service and rebooted the machine. Once logged in I opened up a administrator elevated command prompt and entered 'bcdedit /set nx AlwaysOff ' this came back successful this time. After a reboot the DEP options in the windows tab were greyed out. This is what they were trying to achieve.

Thanks for all the suggestions.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial