Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Administrator Can't Decrypt Bitlocker


  • Please log in to reply
1 reply to this topic

#1 bitwiz

bitwiz

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 04 November 2017 - 10:56 AM

I have a Windows 8.1 system that is joined to our corporate domain. I am the IT administrator so I have both a domain account with admin rights and a local account on the PC with admin rights.

 

We encrypted this laptop way back when it was set up. The Lenovo software decided (well the user decided...) to install a BIOS update and now when the system boots we continuously get prompted to enter the bitlocker recovery key.

 

I've read on some forums the best way to fix this is decrypt the system, finish all the updates, and re-encrypt. However, when I go to the Bitlocker Drive Encryption control panel, it says "settings are managed by your administrator" (which I am).

 

So I was reading around, and I launched an admin command prompt and typed: cscript manage-bde.wsf -off c:

 

That gives this message:

Warning: The script manage-bde.wsf is not supported. Please use manage-bde.exe.

Error: An error occurred (code 0x80070057) The parameter is incorrect.

 

I tried just changing the command to .exe instead of .wsf, that gives this error:

Input Error: There is no script engine for file extension ".exe"

 

Then I tried:

cscript manage-bde.wsf -status

 

That command shows:

Warning: The script manage-bde.wsf is not supported. Please use manage-bde.exe.

Error: There are no disk volumes that can be protected with Bitlocker Drive Encryption.

 

I've attached a screenshot of the control panel message.

 

Anyone know another method that I can decrypt this system to fix the boot problem?

 

 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 bitwiz

bitwiz
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:53 AM

Posted 04 November 2017 - 11:56 AM

I just tried:

manage-bde -unlock c: -RecoveryKey xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx

 

Error: An error occurred (code 0x80070057)

The parameter is incorrect.

 

And I tried:

manage-bde -unlock c: -RecoveryPassword xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx

 

Error: An error occurred (code 0x80070057)

The parameter is incorrect.

 

Also this computer does have a TPM.

 

I'm at a loss for ideas.


Edited by bitwiz, 04 November 2017 - 12:02 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users