From 2f4082801eafa36558bd4152339732ce7a4611b3 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 30 Sep 2024 15:23:36 -0400 Subject: [PATCH] updates from Rafal --- .../data-protection/bitlocker/operations-guide.md | 3 +++ .../data-protection/bitlocker/recovery-overview.md | 1 + .../data-protection/bitlocker/recovery-process.md | 3 +++ 3 files changed, 7 insertions(+) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md b/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md index 7bf6e12c5a..645cf45add 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md @@ -462,6 +462,9 @@ From the **BitLocker Drive Encryption** Control Panel applet, select the OS driv ### Resume BitLocker +> [!NOTE] +> Resuming protection only works on devices that have accepted the Windows EULA. + #### [:::image type="icon" source="images/powershell.svg"::: **PowerShell**](#tab/powershell) ```powershell diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md index 4625b2f5e0..d49761fd5d 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md 
@@ -21,6 +21,7 @@ The following list provides examples of common events that cause a device to ent - Docking or undocking a portable computer - Changes to the NTFS partition table on the disk - Changes to the boot manager +- PXE booting, unless BitLocker uses the *Network Unlock* feature - Turning off, disabling, deactivating, or clearing the TPM - TPM self-test failure - Upgrading the motherboard to a new one with a new TPM diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md index 4b1498edf5..a3cded5a34 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md @@ -180,6 +180,9 @@ When a volume is unlocked using a recovery password: After the volume is unlocked, BitLocker behaves the same way, regardless of how the access was granted. +> [!NOTE] +> If you move an OS volume with a TPM protector to a different device and unlock it using a recovery protector, BitLocker will bind to the new TPM. Returning the volume to the original device will prompt for the recovery protector due to the TPM mismatch. Once unlocked using recovery protector again, the volume will re-bind to the original device. + If a device experiences multiple recovery password events, an administrator should perform post-recovery analysis to determine the root cause of the recovery. Then, refresh the BitLocker platform validation to prevent entering a recovery password each time that the device starts up. ### Determine the root cause of the recovery
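Review bot: In operations-guide.md, the note added under "### Resume BitLocker" states the restriction ("only works on devices that have accepted the Windows EULA") but gives the reader neither the symptom nor the remedy. An administrator who runs the resume command in the PowerShell tab that follows and finds protection still suspended has no way to connect that result to this note. Suggest saying what is observed when resume is attempted on such a device and what has to be completed first. "EULA" should also be spelled out on first use, since these lines do not define it.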
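Review bot: In recovery-overview.md, the new bullet "PXE booting, unless BitLocker uses the *Network Unlock* feature" names Network Unlock only in italics, with no link or pointer, so a reader scanning this list of recovery triggers cannot tell what has to be configured to avoid the prompt. Suggest linking the feature name to its own article. "unless BitLocker uses" is also loose: something like "unless *Network Unlock* is configured for the device" would make clear that this is a deployment setting rather than something BitLocker chooses at boot.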
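Review bot: In recovery-process.md, the added note says that after a recovery unlock on a different device "BitLocker will bind to the new TPM", while the unchanged paragraph directly below it tells administrators to "refresh the BitLocker platform validation to prevent entering a recovery password each time that the device starts up". The two read as contradictory unless the note says whether the re-bind is automatic in the moved-volume case or still needs that refresh step. The note also switches terminology: the surrounding section says "recovery password" (hunk header and next paragraph) but the note says "recovery protector". Please use one term, or say that both recovery protector types behave the same way. Minor: "Once unlocked using recovery protector again" is missing an article.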