** Information: "A trusted WIM file has been added for volume C. ** Warning: "BitLocker resealed boot settings to the TPM for volume C:" ** Information: "BitLocker successfully sealed a key to the TPM", "PCRs measured include ", "The source for these PCRs was: Group Policy." * There are periodic 3 event sets (once every few days, may coincide with Recovery Key prompt - have not confirmed): * There are daily "Information" events that say this: "BitLocker cannot use Secure Boot for integrity because it is disabled in Group Policy." I did review the eventviewer (the group is "BitLocker-API | Management"). > Applications and Services Logs > Microsoft > Windows >Bitlocker " How can I diagnose why BitLocker is asking for the recovery key?" - is it logged? I am not so sure - please look at eventviewer Requests, but since your state is abnormal already (at least if it is as you report it), you can't be sure it helps. You will need to provide reproducible steps.Īnd about your " how do I disable BitLocker asking for the recovery key entirely" - you can change what triggers recovery key It never (not once) requested the recovery key after we install firmware updates to parts of the mainboard remove the hard drive and connect it to another machine change bios config like boot order or toggle secure boot on/off The recovery key gets requested (here, on our about 80 computers) only when we I administer Bitlocker in our company for many years. Key, so the solution will not work for me anyways.Īssuming the information being provided to me in this thread, as to why it's asking for the recovery key, is correct, then I have two paths forward:Ī) Per my original question, how do I disable BitLocker asking for the recovery key entirely? I would like it to continue asking for the PIN, but not the recovery key.ī) How can I diagnose why BitLocker is asking for the recovery key? Perhaps this can help me predict the triggering behavior. In fact, I can never predict when an installation will lead to BitLocker asking for a recovery Considering the frequency with which I am installing or updating software, it is not practical to temporary turn off BitLocker. I am not installing driver updates,įirmware, or making BIOS changes. It seems to be related to when I install new software or change the startup programs. BitLocker is frequently is asking for a recovery key. I don't believe this is a practical solution with the behavior I have.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |