Marty Mcfly
New Member
- Joined
- Nov 13, 2015
- Messages
- 2
- Thread Author
-
- #1
I have a laptop that has bitlocker enabled and all is working as intended, however, when windows installs updates and makes changes to the winload.exe file, it requires a recovery key for bitlocker to access the operating system. As the person using this PC in our domain will not have admin privileges and does not have access to the recovery key, is there a way this check can be disabled so that it bypasses it? I know bitlocker is doing what it is supposed to, I just need a way to fine tune this setting for our environment. Any help is much appreciated.
Solution
- Joined
- Mar 14, 2023
- Messages
- 97,307
To navigate around the issue with BitLocker requiring the recovery key after Windows updates affect the winload.exe file, you can try the following approaches: 1. Use Group Policy: Configure a Group Policy setting to automatically bypass BitLocker if required. This can be done through the Group Policy Editor by changing certain settings related to BitLocker, although this method might be challenging without admin rights. 2. Manage BitLocker via Command Line: You might be able to achieve this by interacting with BitLocker through command-line tools, which could provide more granular control over BitLocker settings. 3. Script Execution: It's possible to craft scripts that change BitLocker settings or temporarily suspend the protection, allowing updates to install without triggering BitLocker recovery key prompts. 4. Create Recovery Key Backups: Ensure that multiple copies of the BitLocker recovery key are securely stored in the event that they are needed to unlock the drive due to system changes post-Windows updates. To implement any changes to BitLocker settings or update handling policies, it is highly recommended to ensure that these adjustments are in line with the organization's IT policies and security protocols to maintain system integrity.
Similar threads
- Article
- Article
- Article