Powershell BitLocker无法正确解锁驱动器
[英]powershell bitlocker won't unlock drive properly
问题描述
I'm about to write a powershell backup script. 
我将要编写一个Powershell备份脚本。
- First step is to autodetect specific USB drives (by drive-ID) -第一步是自动检测特定的USB驱动器(通过驱动器ID)
- then, unlock-bitlocker unlocks the drive (by password) -然后,unlock-bitlocker解锁驱动器(通过密码)
- free disk space is checked -检查可用磁盘空间
- backup is copied to hard drive -备份复制到硬盘
- lock-bitlocker locks the drive again. -lock-bitlocker再次锁定驱动器。
- Email about backup success is sent. -发送有关备份成功的电子邮件。
now it appears, that running the script the first time won't unlock the drive properly. 现在看来,第一次运行脚本将无法正确解锁驱动器。 I know that, because my check-disk-space function won't find the right disk space. 我知道,因为我的check-disk-space功能找不到正确的磁盘空间。 The script stops, but the drive is shown as unlocked. 脚本停止,但是驱动器显示为未锁定。 Now running the script the second time (drive is sitll unlocked from first run) will find the disk space and the script continues running as it should. 现在第二次运行该脚本(驱动器从第一次运行中被西特尔解锁)将找到磁盘空间,并且脚本将继续按预期运行。
here is a sample of the code, I hope you can help me find out why I need to run the script 2 times to unlock, copy and lock the drive. 这是代码示例,希望您能帮助我找出为什么我需要运行脚本两次来解锁,复制和锁定驱动器。
function getUSBDrive($validDriveIDs)
$connectedDrives = Get-WmiObject Win32_Volume
foreach ($drive in $connectedDrives)
foreach ($id in $validDriveIDs)
if ($drive.DeviceID -eq $id)
return $drive
so in $drive I got my valid USB drive 所以在$ drive中,我得到了有效的USB驱动器
next function should unlock my drive 下一个功能应该解锁我的驱动器
function unlockDrive ($backupDrive, $password)
$SecureString = ConvertTo-SecureString $password -AsPlainText -Force
$DriveLetter = $backupDrive.DriveLetter
Unlock-BitLocker -MountPoint $DriveLetter -Password $SecureString
write-Host "unlocked"
next function says "not enough space" first time, but "enough space" second time 下一个函数第一次说“空间不足”,但是第二次说“空间不足”
function checkFreeSpaceOnUSB($backupDrive)
$freeSpace = ($backupDrive.FreeSpace / 1GB)
if ($freeSpace -lt $minimumDiskSpace)
write-Host "less than $minimumDiskSpace GB free Space on USB Drive"
return 0
else
write-Host "Drive has enough space"
return 1
and this is how I call these functions: 这就是我调用这些函数的方式:
$backupDrive = getUSBDrive $validDriveIDs
unlockDrive $backupDrive $passwordToUnlock
checkFreeSpaceOnUSB $backupDrive
So it seems like unlock-bitlocker won't unlock properly WITHIN the script. 因此,似乎在脚本内unlock-bitlocker无法正确解锁。 Explorer says drive is unlocked after first run. 资源管理器显示驱动器在首次运行后已解锁。 Calling the script second time with or without the unlock function gives same results - it works. 无论是否使用解锁功能,第二次调用脚本都会得到相同的结果-它可以正常工作。 So the first run must have unlocked the drive somehow. 因此,第一次运行一定已以某种方式解锁了驱动器。 Since my english is not the best I hope I could describe the problem good enough. 由于我的英语不是最好的,我希望我能很好地描述问题。
Many thanks in advance for your help! 在此先感谢您的帮助!
1 个解决方案
解决方案1
0 2017-11-25 23:51:25
It seems that inside getUSBDrive you are getting a static copy of current state of drive. 似乎在getUSBDrive中,您正在获取驱动器当前状态的静态副本。 Solution is to retrieve disk metadata once again after unlocking it and overwriting previous value in variable (or using new one). 解决方案是在解锁磁盘元数据并覆盖变量中的先前值(或使用新变量)后再次检索磁盘元数据。 Something like 就像是
$backupDrive = getUSBDrive $validDriveIDs
unlockDrive $backupDrive $passwordToUnlock
$unlockedBackupDrive = getUSBDrive $validDriveIDs
checkFreeSpaceOnUSB $unlockedBackupDrive
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.