Bitlocker command line switches - am I doing something wrong?
-
Silly question but...you do have BL turned on, right? - anonymous_9363 10 years ago
-
Yep. The 'manage-bde -on C: -RecoveryPassword' command throws up an error if there is no TPM or if it needs turned on. - alphabeta 10 years ago
Answers (2)
Are these x64 machines? if so try running %windir%\sysnative\Manage-BDE.exe
http://www.itninja.com/blog/view/use-kace-to-store-and-retrieve-bitlocker-recovery-keys
Frightfully late here but maybe this will help someone else. With the first line you're setting a recovery password (parameter used when created is: -recoverypassword), but the second line you're trying to change the regular drive "password" (parameter used when created is: -password) which is used to prevent people who don't have the password from unlocking the drive. To change the recovery password, you'll likely have to remove it first:
manage-bde.exe c: -protectors -delete -id {ID of recovery password protector}
-or-
manage-bde.exe c: -protectors -delete -type recoverypassword
Then set a new one with the first line you mentioned:
manage-bde -on C: -RecoveryPassword xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx