[英]Enabling Disk Encryption with BitLocker Via Powershell On the Operating System Drive (C:\)
I hope somebody here has run into the same issue as myself.我希望这里有人遇到了和我一样的问题。
Oddities running my Powershell script to enable Bitlocker, appears to get to 95% sometimes however most times it fails.奇怪的是,运行我的 Powershell 脚本以启用 Bitlocker,有时似乎达到 95%,但大多数时候它会失败。
OS - Windows 10 Professional 1809 GPO - Running Microsoft's best practices操作系统 - Windows 10 Professional 1809 GPO - 运行 Microsoft 的最佳实践
I've been reading multiple forums and Windows best practices for setting Bitlocker via Powershell, none seem to have the specific answer我一直在阅读通过 Powershell 设置 Bitlocker 的多个论坛和 Windows 最佳实践,似乎没有一个有具体的答案
Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 -RecoveryKeyPath "Valid Path" -RecoveryKeyProtector
do
{
$Volume = Get-BitLockerVolume -MountPoint C:
Write-Progress -Activity "Encrypting volume $($Volume.MountPoint)" -Status "Encryption Progress:" -PercentComplete $Volume.EncryptionPercentage
Start-Sleep -Seconds 1
}
until ($Volume.VolumeStatus -eq 'FullyEncrypted')
####################################################################
"Valid Path" refers to a valid UNC path with valid credentials.
The output seems to come back with:输出似乎回来了:
#################################################################
Enable-BitLockerInternal : Value does not fall within the expected range.
At C:\windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psm1:3733 char:48
+ ... eInternal = Enable-BitLockerInternal -MountPoint $BitLockerVolumeInte ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Enable-BitLockerInternal
I believe this happens with self-encrypting drives using an encryption method below what is required by Group Policy.我相信使用低于组策略要求的加密方法的自加密驱动器会发生这种情况。
My fix:我的修复:
manage-bde -off C:
Delete the files in C:\\Windows\\System32\\Recovery
删除
C:\\Windows\\System32\\Recovery
Wait for it to decrypt等待它解密
Re-run enable-bitlocker
重新运行
enable-bitlocker
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.