none
Access Denied error accessing BitLocker encrypted fixed drive

    Question

  • BitLocker was turned on on my previous Windows 7. It was working properly until I had to change my Windows 7 and reinstall it on another drive, this time SSD instead of HDD. After installing Windows 7, I got "Access Denied" error message when i went to unlock the drive. The password was correct and the drive could unlock, but access was denied. I tried the built-in Administrator account and found that it had not this problem. It could access the contents of the drive and unlock. This was while my account was also an administrator of the new Windows. So, I decided to rename login name of the built-in Administrator account to my own and use it instead of my own account. This seemed that resolved the problem. Then, I decided to upgrade this Windows to 10. Now, after upgrading, I can't access the drive with the built-in Administrator account too!

    Notes:

    1. In my previous Windows which I could see the contents of the drive, I was seeing a tiny lock icon on the root folders (the folders which were located on the root of the drive), while this didn't appear on their sub-folders. What is that?
    2. Now and before upgrading, I might and may access the contents of the drive by using Total Commander. This seems the only way. It can't access and then brings up a dialog and asks for using administrative rights. If I click the button, it may show the contents! why? I'm the administrator already!
    3. Issues like permissions in security or ownership seem not to be applicable, since they're set to both System and Administrators which I think that they're not Windows dependent and use the same GUID around all Windows.
    Monday, December 7, 2015 1:10 PM

All replies

  • Hello,

    Some few remarks

    Notes:

    1. In my previous Windows which I could see the contents of the drive, I was seeing a tiny lock icon on the root folders (the folders which were located on the root of the drive), while this didn't appear on their sub-folders. What is that?

    It seems that your root folder was EFS protected / encrypted, that could explain why you can't have access if the related key was dropped. Could you confirm such manipulation ?

    Regards,


    Follow me on Twitter http://www.twitter.com/liontux | My Blog (French/English) : http://security.sakuranohana.fr/

    Tuesday, December 8, 2015 4:30 PM
  • no, it's not. once i use efs and it caused me to lose all of my data. so i'll never use it.

    the problem was simple. i don't know why, but security settings caused me not to access the data. it was not bitlocker. when i changed the owner of the drive and its decendants to everyone, it solved the problem.

    Wednesday, December 9, 2015 4:23 AM
  • The permissions are certainly specific to the environment and authenticated against both computer and user credentials. You cannot just pop in a drive from another computer and expect it to be accessible from the Administrator account because the two Administrator accounts are different.

    In your scenario you just need to take ownership with the account you are now using or the Administrators group on the new computer, depending on your intentions for the data.

    Brandon
    Windows Outreach Team- IT Pro
    MDOP for IT Pros at TechNet

    Wednesday, December 23, 2015 7:38 PM
    Moderator
  • Another thing is that you’ve posted this thread in the forum for MBAM, the enterprise tool for managing BitLocker protected clients. It would appear your question is in regards to BitLocker and permissions on a single computer, as such I will move this to the Windows 10 Security forum.

    Brandon
    Windows Outreach Team- IT Pro
    MDOP for IT Pros at TechNet

    Wednesday, December 23, 2015 7:40 PM
    Moderator