deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-24 06:43:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into v-mathavale-5560668-part3

Browse Source
This commit is contained in:
Mandi Ohlinger
2021-12-13 18:56:31 -05:00
committed by GitHub
parent 4d95be1f7f 428aef431b
commit 08fc299e58
873 changed files with 23905 additions and 89219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md
View File

@ -3,7 +3,7 @@ title: BCD settings and BitLocker (Windows 10)
description: This topic for IT professionals describes the BCD settings that are used by BitLocker.
ms.assetid: c4ab7ac9-16dc-4c7e-b061-c0b0deb2c4fa
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

12
windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml
View File

@ -1,10 +1,10 @@
### YamlMime:FAQ
metadata:
title: BitLocker and Active Directory Domain Services (AD DS) FAQ (Windows 10)
title: BitLocker and Active Directory Domain Services (AD DS) FAQ (Windows 10)
description: Learn more about how BitLocker and Active Directory Domain Services (AD DS) can work together to keep devices secure.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -13,15 +13,17 @@ metadata:
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker
title: BitLocker and Active Directory Domain Services (AD DS) FAQ
title: BitLocker and Active Directory Domain Services (AD DS) FAQ
summary: |
**Applies to**
- Windows 10
- Windows 10

146
windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
View File

@ -3,7 +3,7 @@ title: BitLocker basic deployment (Windows 10)
description: This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption.
ms.assetid: 97c646cb-9e53-4236-9678-354af41151c4
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker
@ -183,132 +185,20 @@ manage-bde -on C:
Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Using Windows PowerShell's scripting capabilities, administrators can integrate BitLocker options into existing scripts with ease. The list below displays the available BitLocker cmdlets.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<tbody>
<tr class="odd">
<td align="left"><p>Name</p></td>
<td align="left"><p>Parameters</p></td>
</tr>
<tr class="even">
<td align="left"><p><strong>Add-BitLockerKeyProtector</strong></p></td>
<td align="left"><p>-ADAccountOrGroup</p>
<p>-ADAccountOrGroupProtector</p>
<p>-Confirm</p>
<p>-MountPoint</p>
<p>-Password</p>
<p>-PasswordProtector</p>
<p>-Pin</p>
<p>-RecoveryKeyPath</p>
<p>-RecoveryKeyProtector</p>
<p>-RecoveryPassword</p>
<p>-RecoveryPasswordProtector</p>
<p>-Service</p>
<p>-StartupKeyPath</p>
<p>-StartupKeyProtector</p>
<p>-TpmAndPinAndStartupKeyProtector</p>
<p>-TpmAndPinProtector</p>
<p>-TpmAndStartupKeyProtector</p>
<p>-TpmProtector</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><strong>Backup-BitLockerKeyProtector</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-KeyProtectorId</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><strong>Disable-BitLocker</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><strong>Disable-BitLockerAutoUnlock</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><strong>Enable-BitLocker</strong></p></td>
<td align="left"><p>-AdAccountOrGroup</p>
<p>-AdAccountOrGroupProtector</p>
<p>-Confirm</p>
<p>-EncryptionMethod</p>
<p>-HardwareEncryption</p>
<p>-Password</p>
<p>-PasswordProtector</p>
<p>-Pin</p>
<p>-RecoveryKeyPath</p>
<p>-RecoveryKeyProtector</p>
<p>-RecoveryPassword</p>
<p>-RecoveryPasswordProtector</p>
<p>-Service</p>
<p>-SkipHardwareTest</p>
<p>-StartupKeyPath</p>
<p>-StartupKeyProtector</p>
<p>-TpmAndPinAndStartupKeyProtector</p>
<p>-TpmAndPinProtector</p>
<p>-TpmAndStartupKeyProtector</p>
<p>-TpmProtector</p>
<p>-UsedSpaceOnly</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><strong>Enable-BitLockerAutoUnlock</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><strong>Get-BitLockerVolume</strong></p></td>
<td align="left"><p>-MountPoint</p></td>
</tr>
<tr class="odd">
<td align="left"><p><strong>Lock-BitLocker</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-ForceDismount</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><strong>Remove-BitLockerKeyProtector</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-KeyProtectorId</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><strong>Resume-BitLocker</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><strong>Suspend-BitLocker</strong></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-RebootCount</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><strong>Unlock-BitLocker</strong></p></td>
<td align="left"><p>-AdAccountOrGroup</p>
<p>-Confirm</p>
<p>-MountPoint</p>
<p>-Password</p>
<p>-RecoveryKeyPath</p>
<p>-RecoveryPassword</p>
<p>-RecoveryPassword</p>
<p>-WhatIf</p></td>
</tr>
</tbody>
</table>
|Name|Parameters|
|--- |--- |
|**Add-BitLockerKeyProtector**|<li>ADAccountOrGroup<li>ADAccountOrGroupProtector<li>Confirm<li>MountPoint<li>Password<li>PasswordProtector<li>Pin<li>RecoveryKeyPath<li>RecoveryKeyProtector<li>RecoveryPassword<li>RecoveryPasswordProtector<li>Service<li>StartupKeyPath<li>StartupKeyProtector<li>TpmAndPinAndStartupKeyProtector<li>TpmAndPinProtector<li>TpmAndStartupKeyProtector<li>TpmProtector<li>WhatIf|
|**Backup-BitLockerKeyProtector**|<li>Confirm<li>KeyProtectorId<li>MountPoint<li>WhatIf|
|**Disable-BitLocker**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Disable-BitLockerAutoUnlock**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Enable-BitLocker**|<li>AdAccountOrGroup<li>AdAccountOrGroupProtector<li>Confirm<li>EncryptionMethod<li>HardwareEncryption<li>Password<li>PasswordProtector<li>Pin<li>RecoveryKeyPath<li>RecoveryKeyProtector<li>RecoveryPassword<li>RecoveryPasswordProtector<li>Service<li>SkipHardwareTest<li>StartupKeyPath<li>StartupKeyProtector<li>TpmAndPinAndStartupKeyProtector<li>TpmAndPinProtector<li>TpmAndStartupKeyProtector<li>TpmProtector<li>UsedSpaceOnly<li>WhatIf|
|**Enable-BitLockerAutoUnlock**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Get-BitLockerVolume**|<li>MountPoint|
|**Lock-BitLocker**|<li>Confirm<li>ForceDismount<li>MountPoint<li>WhatIf|
|**Remove-BitLockerKeyProtector**|<li>Confirm<li>KeyProtectorId<li>MountPoint<li>WhatIf|
|**Resume-BitLocker**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Suspend-BitLocker**|<li>Confirm<li>MountPoint<li>RebootCount<li>WhatIf|
|**Unlock-BitLocker**|<li>AdAccountOrGroup<li>Confirm<li>MountPoint<li>Password<li>RecoveryKeyPath<li>RecoveryPassword<li>RecoveryPassword<li>WhatIf|
Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they are encrypting prior to running Windows PowerShell cmdlets.

6
windows/security/information-protection/bitlocker/bitlocker-countermeasures.md
View File

@ -3,7 +3,7 @@ title: BitLocker Countermeasures (Windows 10)
description: Windows uses technologies including TPM, Secure Boot, Trusted Boot, and Early Launch Antimalware (ELAM) to protect against attacks on the BitLocker encryption key.
ms.assetid: ebdb0637-2597-4da1-bb18-8127964686ea
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker

2
windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml
View File

@ -4,7 +4,7 @@ metadata:
description: Browse frequently asked questions about BitLocker deployment and administration, such as, "Can BitLocker deployment be automated in an enterprise environment?"
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

2
windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md
View File

@ -1,7 +1,7 @@
---
title: BitLocker deployment comparison (Windows 10)
description: This article shows the BitLocker deployment comparison chart.
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

11
windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
View File

@ -1,7 +1,7 @@
---
title: Overview of BitLocker Device Encryption in Windows
description: This topic provides an overview of how BitLocker Device Encryption can help protect data on devices running Windows.
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -10,10 +10,11 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.reviewer:
ms.custom: bitlocker
---
@ -141,6 +142,6 @@ Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage
* Enforces the BitLocker encryption policy options that you set for your enterprise.
* Integrates with existing management tools, such as Microsoft Endpoint Configuration Manager.
* Offers an IT-customizable recovery user experience.
* Supports Windows 11 and Windows 10.
* Supports Windows 10.
For more information about MBAM, including how to obtain it, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/) on the MDOP TechCenter.
For more information about MBAM, including how to obtain it, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/) on the MDOP TechCenter.

8
windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml
View File

@ -4,7 +4,7 @@ metadata:
description: Find the answers you need by exploring this brief hub page listing FAQ pages for various aspects of BitLocker.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -13,7 +13,9 @@ metadata:
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker
@ -21,7 +23,7 @@ metadata:
title: BitLocker frequently asked questions (FAQ) resources
summary: |
**Applies to**
- Windows 10
- Windows 10
This topic links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on your computer to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they are decommissioned because it is much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive.

6
windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
View File

@ -3,7 +3,7 @@ title: BitLocker Group Policy settings (Windows 10)
description: This topic for IT professionals describes the function, location, and effect of each Group Policy setting that is used to manage BitLocker Drive Encryption.
ms.assetid: 4904e336-29fe-4cef-bb6c-3950541864af
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 04/17/2019
ms.custom: bitlocker

2
windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
View File

@ -3,7 +3,7 @@ title: BitLocker How to deploy on Windows Server 2012 and later
description: This topic for the IT professional explains how to deploy BitLocker and Windows Server 2012 and later
ms.assetid: 91c18e9e-6ab4-4607-8c75-d983bbe2542f
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

6
windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
View File

@ -3,7 +3,7 @@ title: BitLocker - How to enable Network Unlock (Windows 10)
description: This article for the IT professional describes how BitLocker Network Unlock works and how to configure it.
ms.assetid: be45bc28-47db-4931-bfec-3c348151d2e9
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker

2
windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml
View File

@ -4,7 +4,7 @@ metadata:
description: Browse frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

7
windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
View File

@ -1,7 +1,7 @@
---
title: BitLocker Management Recommendations for Enterprises (Windows 10)
description: Refer to relevant documentation, products, and services to learn about managing BitLocker for enterprises and see recommendations for different computers.
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -10,10 +10,11 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.reviewer:
ms.custom: bitlocker
---

2
windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml
View File

@ -2,7 +2,7 @@
metadata:
title: BitLocker Network Unlock FAQ (Windows 10)
description: Familiarize yourself with BitLocker Network Unlock. Learn how it can make desktop and server management easier within domain environments.
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

8
windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
View File

@ -4,7 +4,7 @@ metadata:
description: This article for IT professionals answers frequently asked questions concerning the requirements to use BitLocker.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -13,7 +13,9 @@ metadata:
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 07/27/2021
ms.custom: bitlocker
@ -21,7 +23,7 @@ metadata:
title: BitLocker Overview and Requirements FAQ
summary: |
**Applies to**
- Windows 10
- Windows 10
sections:

7
windows/security/information-protection/bitlocker/bitlocker-overview.md
View File

@ -2,9 +2,8 @@
title: BitLocker (Windows 10)
description: This topic provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features.
ms.assetid: 40526fcc-3e0d-4d75-90e0-c7d0615f33b2
ms.reviewer:
ms.author: dansimp
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@ -12,7 +11,9 @@ ms.localizationpriority: medium
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 01/26/2018
ms.custom: bitlocker

6
windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
View File

@ -3,7 +3,7 @@ title: BitLocker recovery guide (Windows 10)
description: This article for IT professionals describes how to recover BitLocker keys from AD DS.
ms.assetid: d0f722e9-1773-40bf-8456-63ee7a95ea14
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker

6
windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md
View File

@ -2,7 +2,7 @@
title: Breaking out of a Bitlocker recovery loop
description: This topic for IT professionals describes how to break out of a Bitlocker recovery loop.
ms.assetid: #c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -11,7 +11,9 @@ ms.author: v-maave
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 10/28/2019
ms.custom: bitlocker

2
windows/security/information-protection/bitlocker/bitlocker-security-faq.yml
View File

@ -4,7 +4,7 @@ metadata:
description: Learn more about how BitLocker security works. Browse frequently asked questions, such as, "What form of encryption does BitLocker use?"
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

2
windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml
View File

@ -5,7 +5,7 @@ metadata:
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.author: dansimp
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml
View File

@ -2,7 +2,7 @@
metadata:
title: BitLocker Upgrading FAQ (Windows 10)
description: Learn more about upgrading systems that have BitLocker enabled. Find frequently asked questions, such as, "Can I upgrade to Windows 10 with BitLocker enabled?"
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

148
windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
View File

@ -3,7 +3,7 @@ title: BitLocker Use BitLocker Drive Encryption Tools to manage BitLocker (Windo
description: This article for the IT professional describes how to use tools to manage BitLocker.
ms.assetid: e869db9c-e906-437b-8c70-741dd61b5ea6
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker
@ -127,134 +129,20 @@ For more information about using repair-bde, see [Repair-bde](/previous-versions
Windows PowerShell cmdlets provide a new way for administrators to use when working with BitLocker. Using Windows PowerShell's scripting capabilities, administrators can integrate BitLocker options into existing scripts with ease. The list below displays the available BitLocker cmdlets.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<thead>
<tr class="header">
<th><p>Name</p></th>
<th><p>Parameters</p></th>
</tr>
</thead>
<tbody>
<tr class="even">
<td align="left"><p><b>Add-BitLockerKeyProtector</b></p></td>
<td align="left"><p>-ADAccountOrGroup</p>
<p>-ADAccountOrGroupProtector</p>
<p>-Confirm</p>
<p>-MountPoint</p>
<p>-Password</p>
<p>-PasswordProtector</p>
<p>-Pin</p>
<p>-RecoveryKeyPath</p>
<p>-RecoveryKeyProtector</p>
<p>-RecoveryPassword</p>
<p>-RecoveryPasswordProtector</p>
<p>-Service</p>
<p>-StartupKeyPath</p>
<p>-StartupKeyProtector</p>
<p>-TpmAndPinAndStartupKeyProtector</p>
<p>-TpmAndPinProtector</p>
<p>-TpmAndStartupKeyProtector</p>
<p>-TpmProtector</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Backup-BitLockerKeyProtector</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-KeyProtectorId</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Disable-BitLocker</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Disable-BitLockerAutoUnlock</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Enable-BitLocker</b></p></td>
<td align="left"><p>-AdAccountOrGroup</p>
<p>-AdAccountOrGroupProtector</p>
<p>-Confirm</p>
<p>-EncryptionMethod</p>
<p>-HardwareEncryption</p>
<p>-Password</p>
<p>-PasswordProtector</p>
<p>-Pin</p>
<p>-RecoveryKeyPath</p>
<p>-RecoveryKeyProtector</p>
<p>-RecoveryPassword</p>
<p>-RecoveryPasswordProtector</p>
<p>-Service</p>
<p>-SkipHardwareTest</p>
<p>-StartupKeyPath</p>
<p>-StartupKeyProtector</p>
<p>-TpmAndPinAndStartupKeyProtector</p>
<p>-TpmAndPinProtector</p>
<p>-TpmAndStartupKeyProtector</p>
<p>-TpmProtector</p>
<p>-UsedSpaceOnly</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Enable-BitLockerAutoUnlock</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Get-BitLockerVolume</b></p></td>
<td align="left"><p>-MountPoint</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Lock-BitLocker</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-ForceDismount</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Remove-BitLockerKeyProtector</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-KeyProtectorId</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Resume-BitLocker</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-WhatIf</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Suspend-BitLocker</b></p></td>
<td align="left"><p>-Confirm</p>
<p>-MountPoint</p>
<p>-RebootCount</p>
<p>-WhatIf</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Unlock-BitLocker</b></p></td>
<td align="left"><p>-AdAccountOrGroup</p>
<p>-Confirm</p>
<p>-MountPoint</p>
<p>-Password</p>
<p>-RecoveryKeyPath</p>
<p>-RecoveryPassword</p>
<p>-RecoveryPassword</p>
<p>-WhatIf</p></td>
</tr>
</tbody>
</table>
|Name|Parameters|
|--- |--- |
|**Add-BitLockerKeyProtector**|<li>ADAccountOrGroup<li>ADAccountOrGroupProtector<li>Confirm<li>MountPoint<li>Password<li>PasswordProtector<li>Pin<li>RecoveryKeyPath<li>RecoveryKeyProtector<li>RecoveryPassword<li>RecoveryPasswordProtector<li>Service<li>StartupKeyPath<li>StartupKeyProtector<li>TpmAndPinAndStartupKeyProtector<li>TpmAndPinProtector<li>TpmAndStartupKeyProtector<li>TpmProtector<li>WhatIf|
|**Backup-BitLockerKeyProtector**|<li>Confirm<li>KeyProtectorId<li>MountPoint<li>WhatIf|
|**Disable-BitLocker**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Disable-BitLockerAutoUnlock**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Enable-BitLocker**|<li>AdAccountOrGroup<li>AdAccountOrGroupProtector<li>Confirm<li>EncryptionMethod<li>HardwareEncryption<li>Password<li>PasswordProtector<li>Pin<li>RecoveryKeyPath<li>RecoveryKeyProtector<li>RecoveryPassword<li>RecoveryPasswordProtector<li>Service<li>SkipHardwareTest<li>StartupKeyPath<li>StartupKeyProtector<li>TpmAndPinAndStartupKeyProtector<li>TpmAndPinProtector<li>TpmAndStartupKeyProtector<li>TpmProtector<li>UsedSpaceOnly<li>WhatIf|
|**Enable-BitLockerAutoUnlock**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Get-BitLockerVolume**|<li>MountPoint|
|**Lock-BitLocker**|<li>Confirm<li>ForceDismount<li>MountPoint<li>WhatIf|
|**Remove-BitLockerKeyProtector**|<li>Confirm<li>KeyProtectorId<li>MountPoint<li>WhatIf|
|**Resume-BitLocker**|<li>Confirm<li>MountPoint<li>WhatIf|
|**Suspend-BitLocker**|<li>Confirm<li>MountPoint<li>RebootCount<li>WhatIf|
|**Unlock-BitLocker**|<li>AdAccountOrGroup<li>Confirm<li>MountPoint<li>Password<li>RecoveryKeyPath<li>RecoveryPassword<li>RecoveryPassword<li>WhatIf|
Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they are encrypting prior to running Windows PowerShell cmdlets.

8
windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
View File

@ -3,7 +3,7 @@ title: BitLocker Use BitLocker Recovery Password Viewer (Windows 10)
description: This topic for the IT professional describes how to use the BitLocker Recovery Password Viewer.
ms.assetid: 04c93ac5-5dac-415e-b636-de81435753a2
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 02/28/2019
ms.custom: bitlocker
@ -28,7 +30,7 @@ ms.custom: bitlocker
This topic for the IT professional describes how to use the BitLocker Recovery Password Viewer.
The BitLocker Recovery Password Viewer tool is an optional tool included with the Remote Server Administration Tools (RSAT). It lets you locate and view BitLocker recovery passwords that are stored in Active Directory Domain Services (AD DS). You can use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Active Directory Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. Using this tool, you can examine a computer object's **Properties** dialog box to view the corresponding BitLocker recovery passwords. Additionally, you can right-click a domain container and then search for a BitLocker recovery password across all the domains in the Active Directory forest. You can also search for a password by password identifier (ID).
The BitLocker Recovery Password Viewer tool is an optional tool included with the Remote Server Administration Tools (RSAT). It lets you locate and view BitLocker recovery passwords that are stored in Active Directory Domain Services (AD DS). You can use this tool to help recover data that is stored on a drive that has been encrypted by using BitLocker. The BitLocker Active Directory Recovery Password Viewer tool is an extension for the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. Using this tool, you can examine a computer object's **Properties** dialog box to view the corresponding BitLocker recovery passwords. Additionally you can right-click a domain container and then search for a BitLocker recovery password across all the domains in the Active Directory forest. You can also search for a password by password identifier (ID).
## Before you start

2
windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml
View File

@ -4,7 +4,7 @@ metadata:
description: Learn how to integrate BitLocker with other software on your device.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security

6
windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
View File

@ -3,7 +3,7 @@ title: Prepare your organization for BitLocker Planning and policies (Windows 10
description: This topic for the IT professional explains how can you plan your BitLocker deployment.
ms.assetid: 6e3593b5-4e8a-40ac-808a-3fdbc948059d
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -12,7 +12,9 @@ author: dansimp
ms.author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
ms.date: 04/24/2019
ms.custom: bitlocker

144
windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
View File

@ -3,7 +3,7 @@ title: Protecting cluster shared volumes and storage area networks with BitLocke
description: This article for IT pros describes how to protect CSVs and SANs with BitLocker.
ms.assetid: ecd25a10-42c7-4d31-8a7e-ea52c8ebc092
ms.reviewer:
ms.prod: w10
ms.prod: m365-security
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
@ -33,14 +33,16 @@ BitLocker can protect both physical disk resources and cluster shared volumes ve
BitLocker on volumes within a cluster are managed based on how the cluster service "views" the volume to be protected. The volume can be a physical disk resource such as a logical unit number (LUN) on a storage area network (SAN) or network attached storage (NAS).
>**Important**  SANs used with BitLocker must have obtained Windows Hardware Certification. For more info, see [Windows Hardware Lab Kit](/windows-hardware/drivers/).
> [!IMPORTANT]
> SANs used with BitLocker must have obtained Windows Hardware Certification. For more info, see [Windows Hardware Lab Kit](/windows-hardware/drivers/).
Alternatively, the volume can be a cluster-shared volume, a shared namespace, within the cluster. Windows Server 2012 expanded the CSV architecture, now known as CSV2.0, to enable support for BitLocker. When using BitLocker with volumes designated for a cluster, the volume will need to turn on
BitLocker before its addition to the storage pool within cluster or put the resource into maintenance mode before BitLocker operations will complete.
Windows PowerShell or the manage-bde command-line interface is the preferred method to manage BitLocker on CSV2.0 volumes. This method is recommended over the BitLocker Control Panel item because CSV2.0 volumes are mount points. Mount points are an NTFS object that is used to provide an entry point to other volumes. Mount points do not require the use of a drive letter. Volumes that lack drive letters do not appear in the BitLocker Control Panel item. Additionally, the new Active Directory-based protector option required for cluster disk resource or CSV2.0 resources is not available in the Control Panel item.
>**Note:**  Mount points can be used to support remote mount points on SMB based network shares. This type of share is not supported for BitLocker encryption.
> [!NOTE]
> Mount points can be used to support remote mount points on SMB based network shares. This type of share is not supported for BitLocker encryption.
For thinly provisioned storage, such as a Dynamic Virtual Hard Disk (VHD), BitLocker runs in Used Disk Space Only encryption mode. You cannot use the **manage-bde -WipeFreeSpace** command to transition the volume to full-volume encryption on these types of volumes. This action is blocked in order to avoid expanding thinly provisioned volumes to occupy the entire backing store while wiping the unoccupied (free) space.
@ -57,14 +59,17 @@ You can also use an Active Directory Domain Services (AD DS) protector for prote
4. Registry-based auto-unlock key
>**Note:**  A Windows Server 2012 or later domain controller is required for this feature to work properly.
> [!NOTE]
> A Windows Server 2012 or later domain controller is required for this feature to work properly.
### Turning on BitLocker before adding disks to a cluster using Windows PowerShell
BitLocker encryption is available for disks before or after addition to a cluster storage pool. The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource does not require suspending the resource to complete the operation. To turn on BitLocker for a disk before adding it to a cluster:
1. Install the BitLocker Drive Encryption feature if it is not already installed.
2. Ensure the disk is formatted NTFS and has a drive letter assigned to it.
3. Identify the name of the cluster with Windows PowerShell.
```powershell
@ -77,9 +82,11 @@ BitLocker encryption is available for disks before or after addition to a cluste
Enable-BitLocker E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$
```
>**Warning:**  You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster.
> [!WARNING]
> You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster.
5. Repeat the preceding steps for each disk in the cluster.
6. Add the volume(s) to the cluster.
### Turning on BitLocker for a clustered disk using Windows PowerShell
@ -110,7 +117,9 @@ When the cluster service owns a disk resource already, it needs to be set into m
```powershell
Enable-BitLocker E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$
```
>**Warning:**  You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster.
> [!WARNING]
> You must configure an **ADAccountOrGroup** protector using the cluster CNO for a BitLocker enabled volume to either be shared in a Cluster Shared Volume or to fail over properly in a traditional failover cluster.
6. Use **Resume-ClusterResource** to take the physical disk resource back out of maintenance mode:
@ -160,110 +169,23 @@ Unlike CSV2.0 volumes, physical disk resources can only be accessed by one clust
The following table contains information about both Physical Disk Resources (that is, traditional failover cluster volumes) and Cluster Shared Volumes (CSV) and the actions that are allowed by BitLocker in each situation.
<table>
<colgroup>
<col width="20%" />
<col width="20%" />
<col width="20%" />
<col width="20%" />
<col width="20%" />
</colgroup>
<tbody>
<tr class="odd">
<td align="left"><p><b>Action</b></p></td>
<td align="left"><p><b>On owner node of failover volume</b></p></td>
<td align="left"><p><b>On Metadata Server (MDS) of CSV</b></p></td>
<td align="left"><p><b>On (Data Server) DS of CSV</b></p></td>
<td align="left"><p><b>Maintenance Mode</b></p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Manage-bde on</b></p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Manage-bde off</b></p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Manage-bde Pause/Resume</b></p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked<b></p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Manage-bde lock</b></p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>manage-bde wipe</b></p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Unlock</b></p></td>
<td align="left"><p>Automatic via cluster service</p></td>
<td align="left"><p>Automatic via cluster service</p></td>
<td align="left"><p>Automatic via cluster service</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>manage-bde protector add</b></p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>manage-bde -protector -delete</b></p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>manage-bde autounlock</b></p></td>
<td align="left"><p>Allowed (not recommended)</p></td>
<td align="left"><p>Allowed (not recommended)</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed (not recommended)</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Manage-bde -upgrade</b></p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="even">
<td align="left"><p><b>Shrink</b></p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
<tr class="odd">
<td align="left"><p><b>Extend</b></p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Allowed</p></td>
<td align="left"><p>Blocked</p></td>
<td align="left"><p>Allowed</p></td>
</tr>
</tbody>
</table>
&gt;</b>Note:** Although the manage-bde -pause command is Blocked in clusters, the cluster service will automatically resume a paused encryption or decryption from the MDS node
| Action | On owner node of failover volume | On Metadata Server (MDS) of CSV | On (Data Server) DS of CSV | Maintenance Mode |
|--- |--- |--- |--- |--- |
|**Manage-bde on**|Blocked|Blocked|Blocked|Allowed|
|**Manage-bde off**|Blocked|Blocked|Blocked|Allowed|
|**Manage-bde Pause/Resume**|Blocked|Blocked**|Blocked|Allowed|
|**Manage-bde lock**|Blocked|Blocked|Blocked|Allowed|
|**manage-bde wipe**|Blocked|Blocked|Blocked|Allowed|
|**Unlock**|Automatic via cluster service|Automatic via cluster service|Automatic via cluster service|Allowed|
|**manage-bde protector add**|Allowed|Allowed|Blocked|Allowed|
|**manage-bde -protector -delete**|Allowed|Allowed|Blocked|Allowed|
|**manage-bde autounlock**|Allowed (not recommended)|Allowed (not recommended)|Blocked|Allowed (not recommended)|
|**Manage-bde -upgrade**|Allowed|Allowed|Blocked|Allowed|
|**Shrink**|Allowed|Allowed|Blocked|Allowed|
|**Extend**|Allowed|Allowed|Blocked|Allowed|
> [!NOTE]
> Although the manage-bde -pause command is Blocked in clusters, the cluster service will automatically resume a paused encryption or decryption from the MDS node
In the case where a physical disk resource experiences a failover event during conversion, the new owning node will detect the conversion is not complete and will complete the conversion process.
@ -276,4 +198,4 @@ Also take these considerations into account for BitLocker on clustered storage:
- If conversion is paused with encryption in progress and the CSV volume is offline from the cluster, the cluster thread (health check) will automatically resume conversion when the volume is online to the cluster.
- If conversion is paused with encryption in progress and a physical disk resource volume is offline from the cluster, the BitLocker driver will automatically resume conversion when the volume is online to the cluster.
- If conversion is paused with encryption in progress, while the CSV volume is in maintenance mode, the cluster thread (health check) will automatically resume conversion when moving the volume back from maintenance.
- If conversion is paused with encryption in progress, while the disk resource volume is in maintenance mode, the BitLocker driver will automatically resume conversion when the volume is moved back from maintenance mode.
- If conversion is paused with encryption in progress, while the disk resource volume is in maintenance mode, the BitLocker driver will automatically resume conversion when the volume is moved back from maintenance mode.

12
windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md
View File

@ -2,12 +2,12 @@
title: Guidelines for troubleshooting BitLocker
description: Describes approaches for investigating BitLocker issues, including how to gather diagnostic information
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker
@ -34,7 +34,7 @@ Open Event Viewer and review the following logs under Applications and Services
Additionally, review the Windows logs\\System log for events that were produced by the TPM and TPM-WMI event sources.
To filter and display or export logs, you can use the [wevtutil.exe](/windows-server/administration/windows-commands/wevtutil) command-line tool or the [Get-WinEvent](/powershell/module/microsoft.powershell.diagnostics/get-winevent?view=powershell-6) cmdlet.
To filter and display or export logs, you can use the [wevtutil.exe](/windows-server/administration/windows-commands/wevtutil) command-line tool or the [Get-WinEvent](/powershell/module/microsoft.powershell.diagnostics/get-winevent?view=powershell-6&preserve-view=true) cmdlet.
For example, to use wevtutil to export the contents of the operational log from the BitLocker-API folder to a text file that is named BitLockerAPIOpsLog.txt, open a Command Prompt window, and run the following command:
@ -88,11 +88,11 @@ Open an elevated Windows PowerShell window, and run each of the following comman
|Command |Notes |
| --- | --- |
|[**get-tpm \> C:\\TPM.txt**](/powershell/module/trustedplatformmodule/get-tpm?view=win10-ps) |Exports information about the local computer's Trusted Platform Module (TPM). This cmdlet shows different values depending on whether the TPM chip is version 1.2 or 2.0. This cmdlet is not supported in Windows 7. |
|[**get-tpm \> C:\\TPM.txt**](/powershell/module/trustedplatformmodule/get-tpm?view=win10-ps&preserve-view=true) |Exports information about the local computer's Trusted Platform Module (TPM). This cmdlet shows different values depending on whether the TPM chip is version 1.2 or 2.0. This cmdlet is not supported in Windows 7. |
|[**manage-bde status \>&nbsp;C:\\BDEStatus.txt**](/windows-server/administration/windows-commands/manage-bde-status) |Exports information about the general encryption status of all drives on the computer. |
|[**manage-bde c: <br />-protectors -get \>&nbsp;C:\\Protectors**](/windows-server/administration/windows-commands/manage-bde-protectors) |Exports information about the protection methods that are used for the BitLocker encryption key. |
|[**reagentc&nbsp;/info&nbsp;\>&nbsp;C:\\reagent.txt**](/windows-hardware/manufacture/desktop/reagentc-command-line-options) |Exports information about an online or offline image about the current status of the Windows Recovery Environment (WindowsRE) and any available recovery image. |
|[**get-BitLockerVolume \| fl**](/powershell/module/bitlocker/get-bitlockervolume?view=win10-ps) |Gets information about volumes that BitLocker Drive Encryption can protect. |
|[**get-BitLockerVolume \| fl**](/powershell/module/bitlocker/get-bitlockervolume?view=win10-ps&preserve-view=true) |Gets information about volumes that BitLocker Drive Encryption can protect. |
## Review the configuration information

6
windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues.md
View File

@ -2,12 +2,12 @@
title: BitLocker cannot encrypt a drive known issues
description: Provides guidance for troubleshooting known issues that may prevent BitLocker Drive Encryption from encrypting a drive
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker

6
windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues.md
View File

@ -2,12 +2,12 @@
title: BitLocker cannot encrypt a drive known TPM issues
description: Provides guidance for troubleshooting known issues that may prevent BitLocker Drive Encryption from encrypting a drive, and that you can attribute to the TPM
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker

6
windows/security/information-protection/bitlocker/ts-bitlocker-config-issues.md
View File

@ -2,12 +2,12 @@
title: BitLocker configuration known issues
description: Describes common issues that involve your BitLocker configuration and BitLocker's general functionality, and provides guidance for addressing those issues.
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker

6
windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md
View File

@ -2,12 +2,12 @@
title: Decode Measured Boot logs to track PCR changes
description: Provides instructions for installing and using a tool for analyzing log information to identify changes to PCRs
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker

10
windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
View File

@ -2,15 +2,17 @@
title: Enforcing BitLocker policies by using Intune known issues
description: provides assistance for issues that you may see if you use Microsoft Intune policy to manage silent BitLocker encryption on devices.
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker
ms.collection:
- Windows Security Technologies\BitLocker
- highpri
ms.topic: troubleshooting
ms.date: 10/18/2019
ms.custom: bitlocker

6
windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues.md
View File

@ -2,12 +2,12 @@
title: BitLocker Network Unlock known issues
description: Describes several known issues that you may encounter while using Network Unlock, and provided guidance for addressing those issues.
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker

10
windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues.md
View File

@ -2,15 +2,17 @@
title: BitLocker recovery known issues
description: Describes common issues that can occur that prevent BitLocker from behaving as expected when recovering a drive, or may cause BitLocker to start recovery unexpectedly. The article provides guidance for addressing those issues.
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker
ms.collection:
- Windows Security Technologies\BitLocker
- highpri
ms.topic: troubleshooting
ms.date: 10/18/2019
ms.custom: bitlocker

6
windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues.md
View File

@ -2,12 +2,12 @@
title: BitLocker and TPM other known issues
description: Describes common issues that relate directly to the TPM, and provides guidance for resolving those issues.
ms.reviewer: kaushika
ms.technology: windows
ms.prod: w10
ms.technology: windows-sec
ms.prod: m365-security
ms.sitesec: library
ms.localizationpriority: medium
author: Teresa-Motiv
ms.author: v-tea
ms.author: v-tappelgate
manager: kaushika
audience: ITPro
ms.collection: Windows Security Technologies\BitLocker