Script or Method to Unlock Bitlocker External HDD when Plugged

Hi guys

We have backup types and all Eternal HDD are encrypted using BitLocker, now when I plug in one of the disks I have to login to the host and Unlock it. Is there any script or Method that I can setup to "When I connect one of the External HDD it will Automatilcy Unlock it using the password"  

Please could you help me to figure it out the script?

thank you
yodaaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
After you enter the password, simply right click the drive and select "manage bitlocker". That menu will offer to auto-unlock this drive on this machine from then on, without requiring any additional steps.
0
yodaaAuthor Commented:
Yes it is already setup like that but it doesn't work. I have to login to the server to unlock it anyway.
0
McKnifeCommented:
Ah, this is an external drive used at a server and it should unlock without logon - I see!
If the drive would mount to the same drive letter all the time, that would be easy. You could simply use a batch-oneliner to unlock it, started by task scheduler at times right before your backup should start.
manage-bde -unlock x: -rp 111111-2222222-...yourrecoveryKey...666666

Open in new window

Task scheduler would need to run this task as system account.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

yodaaAuthor Commented:
Aha, but the task scheduler will now which HDD to Unlock it? Also it has to be recovery key? I cannot use  Password?
0
McKnifeCommented:
No, you cannot use a password, for scripts, only the recovery key works. Task scheduler does not know anything - as I told you, assuming it mounts to the same drive letter (in this example: x:), it will work, but you can try that mounting command on all letters, if you are unable to determine the drive letter - it doesn't hurt.

The batch could go
manage-bde -unlock d: -rp 111111-2222222-...yourrecoveryKey...666666
manage-bde -unlock e: -rp 111111-2222222-...yourrecoveryKey...666666
manage-bde -unlock f: -rp 111111-2222222-...yourrecoveryKey...666666
...
manage-bde -unlock x: -rp 111111-2222222-...yourrecoveryKey...666666
manage-bde -unlock y: -rp 111111-2222222-...yourrecoveryKey...666666
manage-bde -unlock z: -rp 111111-2222222-...yourrecoveryKey...666666
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
yodaaAuthor Commented:
Okay, we have 3 backups types as the rotation. On Monday i will plug disk 1, Tuesday disk 2 etc.  but you know there is holidays so the same External HDD could be plugged for 4 days.
0
McKnifeCommented:
So?
What should that tell me? What do you need to understand to setup that scheduled task? All info is already there.
0
nobusCommented:
if there's an auto script for unlocking the drive when plugged in - what's the use of encrypting it with bitlocker??
sorry - i just don't get it
0
McKnifeCommented:
Think hard. Are there situations where this drive is protected or not? How would anyone get to the data now when it is unlocked but the computer is licked. There is no way, when removed, it locks again.
0
yodaaAuthor Commented:
Hi

The batches need to run with Admin rights, so now I am working about security as the batches can be modify very easily  especially when it runs as the admin.

Is there any different solution for example using TPM?
0
McKnifeCommented:
"so now I am working about security" - you are what? There is no way to "easily" modify that batch if you place it in a folder where only admins have write permissions. Of course, since the batch holds the recovery keys, users should not be granted read permissions - I thought that was obvious.

You have a solution. It is secure.
The tpm, by the way, cannot be used on removable data drives, but only on OS drives.
0
yodaaAuthor Commented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption

From novice to tech pro — start learning today.