AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() 21ģ Contents 3 About the -status command status command Chapter 5 Disk operation commands About the -decrypt command decrypt command encrypt command stop command resume command Chapter 6 Preboot configuration setup and Display commands bootprop-set -name PWDFORMAT command set-language command set-sound command show-config command Chapter 7 Autologon boot bypass commands About Autologon check-autologon command enable-autologon command disable-autologon command Chapter 8 Client-Server commands show-client-monitor command extend-client-monitor command Chapter 9 User management commands About the user management commands list-users command verify-user command register-user command unregister-user command change-passphrase command change-userdomain command Chapter 10 Disk authentication for WinPE recovery command auth-disk command. 9 About client administrator privileges Audience Important terms System requirements Installing and uninstalling Chapter 2 The Command-Line Interface About syntax and usage About scripting Changing the path Invoking Administrator Command Line About passwords Chapter 3 Help and Version commands About the -help command help (-h) command version command Chapter 4 Disk information commands About the -info command info command enum command. ![]() Verify the new encryption: After the disks have been re-encrypted, you can verify that the new encryption policy has been applied by checking the BitLocker settings on each machine.1 Symantec Endpoint Encryption Drive Encryption Administrator Command Line Guide VersionĢ Contents Preface. The -RecoveryPasswordProtector parameter specifies that the BitLocker recovery password should be used to unlock the disk, and the -UsedSpaceOnly parameter specifies that only used disk space should be encrypted to reduce the time required for encryption. Note that you may need to change the MountPoint parameter to match the drive letter of the disk you want to re-encrypt. Run this cmdlet on each machine that you want to re-encrypt:Įnable-BitLocker -MountPoint C: -RecoveryPasswordProtector -UsedSpaceOnly Re-encrypt the disks: To re-encrypt the disks, you can use the Enable-BitLocker PowerShell cmdlet. Note that you may need to change the MountPoint parameter to match the drive letter of the disk you want to decrypt.Īpply the new disk encryption policy: After the disks have been decrypted, you can apply the new disk encryption policy by pushing it from Intune or any other device management tool you are using. Run this cmdlet on each machine that you want to decrypt: Here are the steps you can follow: Backup the data on the encrypted machines: Before you begin, it's important to backup any important data on the encrypted machines, as decrypting and re-encrypting the disks will wipe all data on the disks.ĭecrypt the disks: To decrypt the disks, you can use the Disable-BitLocker PowerShell cmdlet. To implement the new disk encryption policy on machines that are already encrypted with basic BitLocker encryption, you will need to decrypt the machines and then re-encrypt them with the new policy. Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. If you have extra questions about this answer, please click "Comment". If the answer is helpful, please click "Accept Answer" and kindly upvote it. Note: Non-Microsoft link, just for the reference.Īfter that, apply the new BitLocker policy to the user or device group to make it work. Then try to decrypt BitLocker Drive via one of the methods in the following link: Please check if other BitLocker policy has assigned to the user or device group. From your description, it seems the device turned on BitLocker when sign in your work account.
0 Comments
Read More
Leave a Reply. |