none
bitlocker unlock fixed drive recovery password RRS feed

  • Question

  • we have servers that have fixed drives in which bitlocker locks during reboot. we need to unlock them with a recovery key but right now it is a manual process. below is the powershell component I wrote to help resolve the manual part... will this work?

    $SecureString = ConvertTo-SecureString "1234-1568-9123-4567" -AsPlainText -Force
    Unlock-BitLocker -MountPoint "E:" -RecoveryPassword $SecureString

    Also I saved the text file of the recovery key, could I use the -RecoveryKeyPath switch to reference the file?

    Tuesday, October 9, 2018 2:21 PM

Answers

  • You are forgetting that Unlock-BitLocker works with plain text passwords.

    Simply go 

    Unlock-BitLocker -MountPoint "E:" -RecoveryPassword 1234-1568-9123-4567

    It works.

    Friday, October 12, 2018 4:09 PM

All replies

  • Why ask if it will work when you can simply try it and find out?


    -- Bill Stewart [Bill_Stewart]

    Tuesday, October 9, 2018 4:51 PM
    Moderator
  • because I do not have a test environment, if I test it means I have to take down a live system... I am asking because I am assuming someone else may have already done this
    Tuesday, October 9, 2018 5:22 PM
  • I wouldn't assume others are doing exactly what you are doing.

    In any case, it is not recommended to set up any capabilities in your environment without any way to test them.


    -- Bill Stewart [Bill_Stewart]

    Tuesday, October 9, 2018 6:36 PM
    Moderator
  • Can some one else verify if the syntax should work or offer any tweeks I may need to add?
    Tuesday, October 9, 2018 8:23 PM
  • You are forgetting that Unlock-BitLocker works with plain text passwords.

    Simply go 

    Unlock-BitLocker -MountPoint "E:" -RecoveryPassword 1234-1568-9123-4567

    It works.

    Friday, October 12, 2018 4:09 PM