Issue:
When enabling BitLocker on a machine running Windows 7, you may encounter an error:
Access Denied
When attempting to configure TPM settings, you encounter: Error Code: 0x80070005
Resolution:
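This can indicate a missing Active Directory security permission: the computer account (SELF) is not allowed to write its TPM owner information to its own object in the directory.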
To resolve this issue, perform the following steps:
Open Active Directory Users and Computers
Right-click the OU containing the computer in question and select “Delegate Control”
Click “Next” to start the wizard
Click “Add…”
Enter “SELF” in the Select Users box
Click “Check Names…”
Click “OK”
Click “Next”
Select “Create a custom task to delegate”
Click “Next”
Select “Only the following objects in the folder”
Select “Computer Objects”
Click “Next”
Locate the setting “Write msTPMOwnerInformation” and select it
Click “Next” to complete the wizard
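The same delegation can be checked and applied from PowerShell. This is an added example, not part of the original article or a Microsoft script. It assumes the RSAT ActiveDirectory module is installed, that $OuDn (a placeholder) is replaced with the DN of your OU, and that the attribute the wizard lists as msTPMOwnerInformation is the schema attribute with LDAP display name msTPM-OwnerInformation.

```powershell
# Added example: audit the OU ACL first, add the ACE only if it is missing.
Import-Module ActiveDirectory

$OuDn = 'OU=Workstations,DC=example,DC=com'   # placeholder: DN of the OU holding the computer

# Resolve schema GUIDs from the directory instead of hard-coding them.
$schemaNc = (Get-ADRootDSE).schemaNamingContext
function Get-SchemaGuid([string]$LdapName) {
    $obj = Get-ADObject -SearchBase $schemaNc -LDAPFilter "(lDAPDisplayName=$LdapName)" -Properties schemaIDGUID
    if (-not $obj) { throw "Schema object '$LdapName' not found in $schemaNc" }
    [guid]$obj.schemaIDGUID
}
$attrGuid     = Get-SchemaGuid 'msTPM-OwnerInformation'
$computerGuid = Get-SchemaGuid 'computer'

$selfSid = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-10'   # well-known SID for SELF
$write   = [System.DirectoryServices.ActiveDirectoryRights]::WriteProperty

$acl = Get-Acl -Path "AD:\$OuDn"

# Look for an equivalent explicit or inherited ACE; compare by SID so localized names do not matter.
$present = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) | Where-Object {
    $_.IdentityReference.Value -eq $selfSid.Value -and
    $_.AccessControlType -eq 'Allow' -and
    ($_.ActiveDirectoryRights -band $write) -and
    $_.ObjectType -eq $attrGuid -and
    $_.InheritedObjectType -eq $computerGuid
}

if ($present) {
    Write-Output "SELF already has write access to msTPM-OwnerInformation on computer objects under $OuDn"
} else {
    # Same scope as the wizard: one attribute, descendant computer objects only.
    $rule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
        $selfSid, $write,
        [System.Security.AccessControl.AccessControlType]::Allow,
        $attrGuid,
        [System.DirectoryServices.ActiveDirectorySecurityInheritance]::Descendents,
        $computerGuid)
    $acl.AddAccessRule($rule)
    Set-Acl -Path "AD:\$OuDn" -AclObject $acl
    Write-Output "Added SELF write ACE for msTPM-OwnerInformation under $OuDn"
}
```

Run it with an account that can modify permissions on the OU. Running it a second time should report that the ACE is already present.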
===============================================================
Additionally, this issue can occur in an OU where the systems administrator has denied access to removable media by using a User Configuration or Computer Configuration Group Policy setting.
There is a documented hotfix from Microsoft for this issue:
https://support.microsoft.com/en-us/kb/2720568