janhoedt
asked on
Disable bitlocker (togo)
Hi,
We implemented a bitlocker policy which works fine.
Now I want to disable it for my machine since I need to make a bootable USB.
I removed my pc from the container and did a gpo /update but I cannot write to the usb (write protected).
Please advise howto troublesehoot.
J.
We implemented a bitlocker policy which works fine.
Now I want to disable it for my machine since I need to make a bootable USB.
I removed my pc from the container and did a gpo /update but I cannot write to the usb (write protected).
Please advise howto troublesehoot.
J.
ASKER
Bitlocker IS not enabled, that's the whole point/problem for me.
ASKER
It tells me I need to enable bitlocker to write to it, but I cannot do this, since a bootable usb doesn't support bitlocker.
I need to disable the mechanism which enabled/triggers bitlocker @ whole.
I need to disable the mechanism which enabled/triggers bitlocker @ whole.
Hi, I assume you have made a GPO to configure Bitlocker on your clients.
Since all Bitlocker settings are located under the "Computer Configuration\Administrati ve Templates\Windows Components\BitLocker Drive Encryption", you'll have to:
1. Create a new GPO where you "disable/not configured" the settings you made in your original Bitlocker GPO.
2. Create a new OU and link the new GPO to the new OU.
3. Move your PC to the new OU, and run gpupdate /force.
GPO settings made to "\Administrative Templates\" may be tattoed to the registry, so you have to revert them.
Since all Bitlocker settings are located under the "Computer Configuration\Administrati
1. Create a new GPO where you "disable/not configured" the settings you made in your original Bitlocker GPO.
2. Create a new OU and link the new GPO to the new OU.
3. Move your PC to the new OU, and run gpupdate /force.
GPO settings made to "\Administrative Templates\" may be tattoed to the registry, so you have to revert them.
ASKER
Thanks, well indeed that s what I did by removing from ou and gpupdate.
Now in fact the settings are tattoted and therefore this ticket to know howto undo.
Now in fact the settings are tattoted and therefore this ticket to know howto undo.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks!
2. Click "Turn Off BitLocker" and click "Disable BitLocker Drive Encryption." This will temporarily disable BitLocker by storing the key to decrypt the drive in plain text. Your drive will not be decrypted, but will still be easily accessible for updating.
3. Click "Turn Off BitLocker" and click "Decrypt the Volume" to completely remove BitLocker protection. All of your data will be decrypted.