Related Articles. Author Info Last Updated: November 18, Method 1. Run Command Prompt as an administrator. On Windows On the bottom-left corner of the screen, type in "cmd" on the search box. On Command Prompt screen, type in the command line and execute it. Type in command line: Manage-bde -unlock E: -password And then press Enter to execute it. Type in password to unlock Bitlocker drive.
If the command above executes successfully, you will get the message asking to enter the password to unlock this volume. Type your Bitlocker drive encrypted password, and then press Enter. The password is invisible on the Command Prompt screen, so make sure the password you type in is correct, or you will need to type in the command again. Method 2. Open Command Prompt as an administrator. Type in the command line. Remember to change the X to your recovery key.
For example: manage-bde —unlock L: -RecoveryPassword Run the command line to unlock Bitlocker drive. Include your email address to get a message when this question is answered. Helpful 2 Not Helpful 0. Therefore, we recommend that you try other tools to help diagnose and resolve the problem with the drive before you use the BitLocker Repair Tool. For more information about using repair-bde, see Repair-bde. Windows PowerShell cmdlets provide a new way for administrators to use when working with BitLocker.
Using Windows PowerShell's scripting capabilities, administrators can integrate BitLocker options into existing scripts with ease. The list below displays the available BitLocker cmdlets. Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they are encrypting prior to running Windows PowerShell cmdlets. A good initial step is to determine the current state of the volume s on the computer.
You can do this using the Get-BitLockerVolume cmdlet. The Get-BitLockerVolume cmdlet output gives information on the volume type, protectors, protection status, and other details. Occasionally, all protectors may not be shown when using Get-BitLockerVolume due to lack of space in the output display. If you do not see all of the protectors for a volume, you can use the Windows PowerShell pipe command to format a full listing of the protectors. Get-BitLockerVolume C: fl.
If you want to remove the existing protectors prior to provisioning BitLocker on the volume, you could use the Remove-BitLockerKeyProtector cmdlet. Accomplishing this requires the GUID associated with the protector to be removed.
A simple script can pipe the values of each Get-BitLockerVolume return out to another variable as seen below:. By using this information, you can then remove the key protector for a specific volume using the command:. Ensure the entire GUID, with braces, is included in the command. Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users a lot of flexibility.
For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them in BitLocker Windows PowerShell. The following example shows how to enable BitLocker on an operating system drive using only the TPM protector:. In the example below, adds one additional protector, the StartupKey protector and chooses to skip the BitLocker hardware test.
In this example, encryption starts immediately without the need for a reboot. Data volume encryption using Windows PowerShell is the same as for operating system volumes. Add the desired protectors prior to encrypting the volume. This protector can be added to both operating system and data volumes, although it does not unlock operating system volumes in the pre-boot environment.
The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object CNO that lets the disk properly fail over to and be unlocked by any member computer of the cluster.
For users who wish to use the SID for the account or group, the first step is to determine the SID associated with the account. In this article. Provides information about all drives on the computer, whether or not they are BitLocker-protected. Decrypts the drive and turns off BitLocker. All key protectors are removed when decryption is complete. Sets the drive identifier field on the drive to the value specified in the Provide the unique identifiers for your organization Group Policy setting.
Forces a BitLocker-protected drive into recovery mode on restart. This command deletes all TPM-related key protectors from the drive.
0コメント