Forum Discussion
Disable BitLocker prompting on boot?
You can try either suspending or disable then re-enable:
Suspend:
- Right click Bitlockered Drive (c:) in file explorer
- Select Manage Bitlocker (this opens BL Drive Encryption)
- Click Suspend
- Click Yes
- Reboot
- Repeat steps 1 & 2
- Click Resume Protection
- Reboot
Or
Disable/Enable:
In elevated PoSh window:
<for remote establish a session 1st>
manage-bde -protectors -disable c:
reboot
manage-bde -protectors -enable c:
reboot
- ViProConJul 09, 2020Brass ContributorSorry I seemed to have missed the notifications on this thread. I actually completely forget what machine I did this work on that had those options greyed out so I'll just bear it in mind if I stumble into it. I'm curious though, if you Suspend protection, does that not just fully decrypt the drive...which presumably takes a while? Can you Resume Protection when it's not yet finished Suspending it?
- ViProConJan 27, 2020Brass Contributor
Oh so do you mean that suspending or disabling might make those other 2 options available to toggle? That's logical I agree so I'll test that out, however my goal is to avoid enabling any features that result in users having to interact at boot time to allow booting to occur. It seems all of these 3 options in some way will ask a user to interact, which means, if I'm using remote access, I'll lock myself out by rebooting.
All I do know is that after enabling and finishing the Bitlocker encryption, I rebooted once, and did not get locked out so it means by default there are no prompts on boot, so that's good.
Now I suppose what I need to understand is why Bitlocker would have any reason to prompt a user on boot, be it triggered by an event, or periodic by design like after certain more intrusive Windows Updates perhaps. *shrug8