![]() For example, if you enable and use TPM that typically involves SecureBoot. When I later came back, I found it in that 'odd' state, and then I stored the BL keys in AD, and it was happy and recoverable.Īlso, BL keys do not necessarily have anything to do with "SecureBoot." They can, but they don't always. Once it does that, then it's fully recoverable - I ran into this issue - BL finished encrypting a drive, and gave no errors. Note also, just because BL got 'enabled,' doesn't mean it got 'activated.' After BL is enabled, if it hasn't yet 'stored the key,' then you can grab a thumb drive, go into the BL UI and it will show something like 'awaiting activation ' which means, it just needs to finish storing your keys on an external media: usually a thumb drive or network drive it will not store them on the drive being encrypted. You didn't give a lot of context, so it's hard to tell. If it's joined to a domain, the BL keys can get stored in AD (a domain admin can view them). ![]() Similar to #1 above - but BL keys got stored in BIOS - I think I've seen this as a possibility.During setup, you or someone (whoever did the setup) allowed BL to get enabled, and stored the Key into a thumb drive or network location. ![]() Old thread, but wanted to mention this has ZERO to do with "typical microsoft." This is the fault of whoever setup your system.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |