Support Forum

This tool has great potential, but we really need help understanding in more detail how to use the tool. There are only two screenshots and a marketing video on youtube that's it. We just need to know how to enable bitlocker and have a recovery password generated and saved in automate. Can anyone assist us with this?

You were pretty close, just needed to look up from main bitlocker forum view. Here is the basic documentation for the plugin after it is successfully installed.

viewforum.php?f=70

Seems no matter what option I choose it is NOT enabling/turning on Bitlocker on my device. Any ideas or anything i can send to help assist?

I am by no means a BitLocker "expert" so do your own diligence.

Our plugin does not determine what is and is a not valid request so if you try to push an Active Directory Account or Group key to an agent that is not on an Active Directory, we will happily pass the request, you will however get a error as a response.

I believe that encrypting a System drive has certain requirements from BitLocker. I do not believe BitLocker will encrypt a system volume unless it can be unlocked during bootup (TPM, Passcode, Pin, etc).

The recovery password key protector serves as a backup method for unlocking the encrypted volume in case you forget the password (applied by another Key Protector). If you choose to use only the recovery password as the key protector, you won't have to enter a password each time you access the volume. Instead, you'll only need to use the recovery password if you ever need to unlock the drive.

So to add a recovery password, you should have another key in place, typically I see TPM as the primary Key and then a recovery key created for that.


You can possibly get more data about error from the command logs on the agents console. At the time you run tool, capture the logs in the commands logs for the commands we are sending down to agent. Both the commands themselves and the return from the agent. Post a complete set on the logs and commands as sent to agent here so we can see if there were any syntax error in commands or a log that explains the failure.

This will help us determine if it is a misconfigure from BitLocker or a error in syntax in the requests.

Ok so I was able to get those protectors added even with that error. Now the question that i've seen asked a few times... how the heck do we get bitlocker enabled through the plugin??

If you add a key, We will enable encryption, you can see it in the error you provided.


outside of adding a protector, Disable/enable button should send a request to bitlocker to enable or disable.