Gary BlokDisable Bitlocker
<img style=”float: right;” src=”https://www.recastsoftware.com/wp-content/uploads/2021/10/Recast-Logo-Dark_Horizontal.svg” alt=”Image” height=”43″ width=”150″>
Disable Bitlocker
This step simply suspends bitlocker. It does not trigger a remove of bitlocker, but only suspends it for the next reboot(s). This is handy when applying firmware updates, or doing in-place reimaging (refresh).
MS Docs
Variables for Disable BitLocker
These are used to set the number of reboots to keep Bitlocker suspended. Check out the links for additional details
-
OSDBitLockerRebootCount
- Accepts 1 – 15 as acceptable input
-
OSDBitLockerRebootCountOverride
- Can be set to 0 for always suspend bitlocker.
PowerShell
- Get-CMTSStepDisableBitLocker
- New-CMTSStepDisableBitLocker
- Remove-CMTSStepDisableBitLocker
- Set-CMTSStepDisableBitLocker
Demo
The Step Image
The Step is simple, pick the drive, or have the TS determine the system drive for you, then pick how many reboots to suspend bitlocker for.
In the log, you can see how the settings relate to the log and how it builds the manage-bde command line.
Here you see a status taken before the step runs, and one after. The difference is the Protection Status: value. After the step runs, the protection is disabled for 1 reboot.
About Recast Software
1 in 3 organizations using Microsoft Configuration Manager rely on Right Click Tools to surface vulnerabilities and remediate quicker than ever before.
Download Free Tools
Request Pricing
See how Right Click Tools are changing the way systems are managed.
Immediately boost productivity with our limited, free to use, Community Edition.
Get started with Right Click Tools today:
