BitLocker We Meet Again!
My boss came into mission control(aka The IT Office, and yes I totally ripped that name off from BOFH) and told me that his laptop(a Latitude E6330 if I recall correctly) screen was not functioning properly(also known as, “My screen is fucked/dead”).
As i always do I tried to boot the device, and saw that the machine did turn on it’s “Hey my power light is flashing so that means I turned on”, but I wanted to check his theory about the screen being dead, so i connected it to one of my BenQ 24″ displays, with a VGA cable, and waited for anything to show up….
Guess what, nothing showed up on the external or the laptop screen!
This meant that the screen on the laptop probably was not the problem, the laptop didn’t seem to boot up at all, only the power led’s were lighting up..
So I figured the machine probably wouldn’t ever again…. or in the IT languag: “The laptop is fucked”.
The Quest Continues!
I then took out the HDD, and placed it in one of the HDD Docks we’ve got(Cheap HDD Docks…), And tried to get access to the HDD, but of course i again forgot that our company issues BitLocker on every PC and their dogs…
So I tried to go the “my computer” page and find a choice for “unlock BitLocker’ed HDD” , but no such luck..
So I then turned to the holiest of holy: Google.
I used my clever search techniques such as “how to remove BitLocker from HDD” but nothing turned up, I then got a brilliant idea, Maybe I could decrypt the BitLocker drive through the command line!
So I looked through google, and found this TechNet article on using manage-bde in the command line to unlock a BitLocker enabled HDD!
Then I reinstalled a new laptop for him with the standard Windows 7 company image and some additional tools he needed and Delivered the PC back to him.
So here is what you should do if you are in the same situation:
The Tutorial Part
- Connect your BitLocker enabled HDD to a HDD Dock.
- Find your BitLocker Recovery Password in AD Users & Computers(How to do that)
- Open CMD as administrator
- type:
- manage-bde -unlock *DRIVE LETTER*: -recoverypassword YOUR-BITLOCKER-RECOVERY-KEY-HERE
- manage-bde -off
- now you have unlocked and disabled BitLocker
Further Reading
- http://technet.microsoft.com/en-us/library/ff829849(v=ws.10).aspx
- http://technet.microsoft.com/en-us/library/ff829857(v=ws.10).aspx
- http://technet.microsoft.com/en-us/library/ff829854(v=ws.10).aspx
Also check out my other BitLocker posts:
This is a repost from the blog on my website, hoping to snap up some readers, as this is the sort of nichè i cater to.
Original post: http://blog.helgesverre.com/how-to-unlock-bitlocker-enabled-hdd-through-cmd/