Windows 11 resets password after eGPU docking (L13 13th Gen Core)

  • Windows 11 Pro (Version 10.0.22621 Build 22621).
  • Laptop 13 DIY (i5-1340P / Intel 2TB NVMe / Crucial 16GB RAM).
  • Dell GTX 1080 + Fractal Design Ion 500G in an external Thunderbolt 4 dock.

Hey. Got this laptop for University, and don’t have the money to use both this and a dedicated desktop. Got a Thunderbolt 4 dock to use my old GPU for gaming, video creation, and Blender renders.

BitLocker recognizes the GPU being plugged/unplugged as a hardware change, locking the system upon reboot. For now I just have BitLocker disabled, which solves this problem.

The second symptom of the eGPU is that my login PIN + Windows Hello fingerprints will be deleted. I enter it like normal, but then Windows says my login doesn’t work and needs to be reset. It prompts me to sign in to Microsoft and then goes from there.

This problem can be avoided by directly signing in with my Microsoft account password upon boot; however, I still can’t use the fingerprint reader I paid for.

Any ideas?

Relevant links:

1 Like

I’ve got the identical problem.
It most probably has something to do with the TPM. When plugging/unplugging external hardware at boot, the TPM signals this to the bootloader, which gets all worried.
In my case it messed up the BitLocker configuration too.
For that I’ve found this fix:

As for the Windows Hello problem, I’ve not yet found a solution, but this user fixed it by messing with the BIOS (not on frame.work tho).
https://www.reddit.com/r/eGPU/comments/13sarty/windows_hello_and_egpu/

I think that we are missing a setting for the TPM, or at least a policy.

1 Like

Also experiencing this. Anyone find any solution?

I’m having the same issues and solutions as Koma.
I was able to get around the BitLocker issue after finding the same link, though we gave up some security to do this.
I was not able to find a solution for Windows Hello/PIN login, other than to turn it off and use the password.
Any update or fix anyone has found would be appreciated.

1 Like

Hi!

I’ve encountered the same problem with Windows Hello.

When I boot my laptop (not Framework though, Dell XPS 14) I get an error 0xd000a002, and my Windows Hello PIN, fingerprint and face unlock do not work and I need to set them up again. If I then turn off the laptop and disconnect or connect the eGPU (depending on whether it was connected or not during Windows Hello setup), the error reappears.

I found out that Windows Hello stores its keys in the TPM. And apparently connecting/disconnecting the eGPU triggers a TPM hash change and invalidates the Windows Hello keys or something.
You can check if your Windows Hello keys are stored in the TPM with the following command in an elevated PowerShell:

certutil -csp "Microsoft Passport Key Storage Provider" -key -v | Select-String -Pattern "NgcKeyImplType"

If it outputs

NgcKeyImplType: 1 (0x1)

then the Windows Hello keys are stored in the TPM and we need to force Windows to store them on the disk. It’s less secure, but with an eGPU apparently we don’t have another option (apart from not using Windows Hello at all).

If you don’t use BitLocker, I think you can just delete the PIN, disable the TPM in the BIOS and set up the PIN again. With the TPM disabled, Windows can’t write keys to the TPM and should store them on the disk.

You can check that with the same PowerShell command.

If it outputs

NgcKeyImplType: 2 (0x2)

then the Windows Hello keys are stored on the disk and you should be fine.

If you do use BitLocker, then you need to do the following (I did these steps and got it working, YMMV and you are doing it at your own risk):

  1. Remove Windows Hello.
  2. Suspend BitLocker.
  3. Boot to BIOS and disable TPM.
  4. Boot to system and set up Windows Hello.
  5. Check with PowerShell if Windows Hello keys are indeed stored on the disk now.
  6. Reboot to BIOS and enable TPM.
  7. Boot to system and resume BitLocker.

HTH
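
The checks in steps 5 and 7 of the post above can be combined into one elevated PowerShell script. This is an added example, not part of the original post: the function name `Get-HelloKeyStorage` and its `-CertutilOutput` parameter are hypothetical, and the 1 = TPM / 2 = disk mapping is the one stated in the post.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell.
function Get-HelloKeyStorage {
    param(
        # Hypothetical parameter: pass captured certutil output to parse it
        # offline, e.g. -CertutilOutput 'NgcKeyImplType: 1 (0x1)' (constructed).
        [string[]]$CertutilOutput
    )
    if (-not $PSBoundParameters.ContainsKey('CertutilOutput')) {
        # Same command as in the post, without the Select-String filter.
        $CertutilOutput = certutil -csp "Microsoft Passport Key Storage Provider" -key -v
    }
    foreach ($line in $CertutilOutput) {
        if ($line -match 'NgcKeyImplType\s*[:=]\s*(\d+)') {
            $type = [int]$Matches[1]
            [pscustomobject]@{
                NgcKeyImplType = $type
                # Mapping as given in the post: 1 = TPM, 2 = disk.
                Storage = switch ($type) {
                    1       { 'TPM' }
                    2       { 'Disk' }
                    default { 'Unknown' }
                }
            }
        }
    }
}

# Step 5: where do the Windows Hello keys live right now?
$keys = @(Get-HelloKeyStorage)
if ($keys.Count -eq 0) {
    Write-Warning 'No NgcKeyImplType entries found (is Windows Hello set up?).'
}
$keys | Group-Object Storage | Select-Object Name, Count | Format-Table -AutoSize

# Steps 6-7: confirm the TPM is back and BitLocker protection was resumed.
$tpm = Get-Tpm
"TPM present: $($tpm.TpmPresent), ready: $($tpm.TpmReady)"

$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
$protectors = $vol.KeyProtector.KeyProtectorType -join ', '
"BitLocker on $($vol.MountPoint): $($vol.VolumeStatus), protection $($vol.ProtectionStatus), protectors: $protectors"

# An encrypted volume with protection Off is still suspended: the volume key
# is exposed until protection is resumed.
if ($vol.VolumeStatus -ne 'FullyDecrypted' -and $vol.ProtectionStatus -ne 'On') {
    Write-Warning 'BitLocker is suspended on the system drive; resume it (step 7).'
}
```

Running it again after step 7 shows whether the keys stayed on disk once the TPM was re-enabled.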

Hi!

@nathanbasset @Koma

If you still didn’t find the solution, see my reply on this thread, hope it helps.