Disable BitLocker prompting on boot?


Hi all,

I just enabled and completed BitLocker encryption on C: on a Win 10 Pro machine, remotely. I saved the BitLocker key file just in case. In order to maintain remote access over the long term, I want to ensure the computer does not prompt a user for any kind of key; I just need it to boot to Windows as normal. I've had users in the past, where BitLocker was on, be prompted by it at times, for no known reason. I really do not need the hassle, so I'm trying to determine how to be sure of this, yet can't.

In BitLocker under Control Panel, there is the option (paraphrasing as it's not in front of me right now) "change how drive is unlocked at startup".

If I go into this, the only available option is to set a PIN; the other two options are greyed out.

Do I even want to enable anything in here? I suppose I need to read up on this a bit more, but would appreciate the straight-up advice on how to avoid users being prompted, ever, ideally.

6 Replies

@ViProCon

You can try either suspending, or disabling then re-enabling:

Suspend:

  1. Right-click the BitLockered drive (C:) in File Explorer
  2. Select Manage BitLocker (this opens BitLocker Drive Encryption)
  3. Click Suspend
  4. Click Yes
  5. Reboot
  6. Repeat steps 1 & 2
  7. Click Resume Protection
  8. Reboot

Or

Disable/Enable:

In an elevated PoSh window:

<for remote, establish a session first>

manage-bde -protectors -disable c:

reboot

manage-bde -protectors -enable c:

reboot
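Added example (editor's code, not part of the reply above or Microsoft's own tooling): a PowerShell version of the same suspend-and-reboot procedure, preceded by the checks that tell you whether the OS drive can unlock with no prompt at all. An OS drive prompts at boot only if it carries a protector that needs user input (TpmPin, TpmStartupKey, TpmPinStartupKey, or a bare ExternalKey startup key), or if the TPM-only protector fails its boot-measurement check and BitLocker falls back to the recovery screen. The usual triggers for that fallback are firmware/BIOS updates, Secure Boot or boot-order changes, and boot-configuration changes, which is why protection is suspended for one reboot before making them. The computer name `PC-01`, the output path, and the function names are placeholders; WinRM and local admin rights on the target are assumed.

```powershell
# Added example, not from the original thread. Run from an elevated PowerShell
# session on the target, or remotely via Invoke-Command (bottom of the file).

function Get-BitLockerBootReadiness {
    param([string]$MountPoint = 'C:')

    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    $tpm = Get-Tpm
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })

    # Protector types that require someone at the keyboard at boot.
    $interactive = 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'ExternalKey', 'Password'

    # Confirm-SecureBootUEFI throws on legacy BIOS, so treat that as "not UEFI".
    $secureBoot = try { Confirm-SecureBootUEFI } catch { $null }

    [pscustomobject]@{
        MountPoint           = $MountPoint
        VolumeStatus         = $vol.VolumeStatus        # FullyEncrypted, EncryptionInProgress, ...
        ProtectionStatus     = $vol.ProtectionStatus    # 'Off' while suspended, drive still encrypted
        EncryptionPercentage = $vol.EncryptionPercentage
        Protectors           = ($types -join ', ')
        HasTpmProtector      = ($types -contains 'Tpm')             # unlocks silently
        HasRecoveryPassword  = ($types -contains 'RecoveryPassword') # 48-digit fallback
        RequiresUserInput    = [bool]($types | Where-Object { $_ -in $interactive })
        TpmPresent           = $tpm.TpmPresent
        TpmReady             = $tpm.TpmReady
        SecureBootOn         = $secureBoot
    }
}

function Export-BitLockerRecoveryPassword {
    # Copy the recovery password(s) off the machine BEFORE suspending or rebooting.
    param([string]$MountPoint = 'C:', [Parameter(Mandatory)][string]$Path)

    (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Where-Object KeyProtectorType -eq 'RecoveryPassword' |
        Select-Object KeyProtectorId, RecoveryPassword |
        Out-File -FilePath $Path
}

function Suspend-BitLockerForOneReboot {
    # RebootCount 1: protection is off only until the next boot and then resumes
    # on its own, so you cannot forget to turn it back on. Nothing is decrypted;
    # the volume master key is just left accessible for that one boot.
    param([string]$MountPoint = 'C:')

    Suspend-BitLocker -MountPoint $MountPoint -RebootCount 1 | Out-Null
    Get-BitLockerVolume -MountPoint $MountPoint | Select-Object MountPoint, ProtectionStatus
}

# --- Local use -----------------------------------------------------------------
$state = Get-BitLockerBootReadiness -MountPoint 'C:'
$state | Format-List

if ($state.HasTpmProtector -and $state.TpmReady -and -not $state.RequiresUserInput) {
    Write-Host 'OS drive will unlock without a prompt; only a failed TPM measurement would show the recovery screen.'
} else {
    Write-Warning 'This configuration can prompt at boot; review the Protectors list and TPM state above.'
}

Export-BitLockerRecoveryPassword -MountPoint 'C:' -Path "$env:USERPROFILE\PC-01-bitlocker-recovery.txt"

# Suspend, reboot, and let protection resume automatically on the way back up
# (the manage-bde disable/enable sequence in the reply above does the same by hand).
Suspend-BitLockerForOneReboot -MountPoint 'C:'
# Restart-Computer -Force   # uncomment when you are ready to lose the session

# --- Remote use (PC-01 is a placeholder; needs WinRM and local admin) -----------
# $s = New-PSSession -ComputerName 'PC-01'
# Invoke-Command -Session $s -ScriptBlock ${function:Get-BitLockerBootReadiness} -ArgumentList 'C:'
# Invoke-Command -Session $s -ScriptBlock ${function:Suspend-BitLockerForOneReboot} -ArgumentList 'C:'
# Invoke-Command -Session $s -ScriptBlock { Restart-Computer -Force }
```

On a machine like the one in the question (TPM-only protector plus a recovery password, protection on), `RequiresUserInput` comes back `$false` and a normal reboot never prompts; the recovery screen appears only when the TPM's boot measurements no longer match, so the one-reboot suspend is what you run right before a BIOS update or other boot-chain change rather than as a routine step.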

@david kay

Oh, so do you mean that suspending or disabling might make those other 2 options available to toggle? That's logical, I agree, so I'll test that out; however, my goal is to avoid enabling any features that result in users having to interact at boot time to allow booting to occur. It seems all of these 3 options in some way will ask a user to interact, which means, if I'm using remote access, I'll lock myself out by rebooting.

All I do know is that after enabling and finishing the BitLocker encryption, I rebooted once and did not get locked out, so it means by default there are no prompts on boot, so that's good.

Now I suppose what I need to understand is why BitLocker would have any reason to prompt a user on boot, be it triggered by an event, or periodic by design like after certain more intrusive Windows Updates perhaps. *shrug*

@ViProCon Hey mate, I just came across your question - did you get this sorted?

Turn TPM 1.2 on in the BIOS Security settings. That'll do the trick.

Sorry, I seem to have missed the notifications on this thread. I actually completely forgot what machine I did this work on that had those options greyed out, so I'll just bear it in mind if I stumble into it. I'm curious though: if you Suspend protection, does that not just fully decrypt the drive... which presumably takes a while? Can you Resume Protection when it's not yet finished Suspending it?
It would be odd if the TPM were turned off, but I agree I should have looked, though in this case it was remote access. These are Dell Optiplex units though; TPM is 'supposed' to be on by default.
Nonetheless that would explain things, unless the drivers related to TPM are outdated somehow, causing a break between BIOS and OS. Sadly I can't recall what PC this was :( If I ever stumble into it again (I do manage it, just don't know whose it was), I'll remember to post here again. Could be next year, who knows! :) Thanks for responding!

@david kay I am facing the problem of a lost recovery key, I am ready to wipe the entire device, however not being able to get through the BitLocker Lock. What can I do?