Bitlocker on windows 10

Suddenly multiple computers bitlocker got suspended. I am using windows 10 - 1607 and planning to deploy 1709. I do not know whether 1709 is deployment is automatically suspends the bitlocker but not resuming it. however all systems has not upgraded to 1709 but shown as bit-locker is suspended
Nagesh A SSCCM AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
Running Windows upgrade setup will automatically suspend bitlocker, yes!
It would resume bitlocker as soon as the upgrade is finished. If setup is not successful, bitlocker would be resumed as well.

So what you see is not normal. Since we have BL all over and have done multiple upgrades (1511->1607->1703->1709->1803) and have never seen this.

We upgraded using scripts - how did you?
1
Nagesh A SSCCM AdministratorAuthor Commented:
I upgrade using SCCM as normal windows update. The upgrade package will be available in Software center and user clicks on it to install for update
0
McKnifeCommented:
No experience with sccm. See if the parameter "reboot count" is found somewhere. R.C. Can be used to suspend  BL for a given number of reboots.
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Nagesh A SSCCM AdministratorAuthor Commented:
we have PIN enabled for all systems.  When user starts the system in the morning - it does not ask the bit locker pin and when we check system not upgraded, but bit locker will be suspended mode.  I check bitlocker status, this gives the reboot counts. there is no RC provided in status. therefore it is surprise to me
0
McKnifeCommented:
Look at what's configured by sccm. Maybe it's there.
0
David McMorrisInfrastructure EngineerCommented:
Hi,

BitLocker needs to be suspended on each machine before the Windows upgrade is started. However there is no need to suspend BitLocker if the Windows version is 1709 or higher.

Try looking at this link to add into the SCCM task sequence to suspend BitLocker prior to upgrade:

https://miketerrill.net/2017/04/19/how-to-detect-suspend-and-re-enable-bitlocker-during-a-task-sequence/

Thanks,

David
0
McKnifeCommented:
"BitLocker needs to be suspended on each machine before the Windows upgrade is started. However there is no need to suspend BitLocker if the Windows version is 1709 or higher." - no. Bitlocker auto-suspends with any version of win10 when upgrading.
0
David McMorrisInfrastructure EngineerCommented:
Belt and braces mate.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.