Score:-2

Server

Solution to remotely unlock bitlocker on domain

Marc

9/3/23, 8:47 AM

I'm looking for a solution to remotely (on site, connected to our domain) unlock bitlocker on laptops.

After a few research, I found that this is quite possible with BitLocker Network Unlock, but what we're looking for here is not to automatically unlock laptops connected to the domain, but still asking for the bitlocker password, and be able to unlock remotely (rdp ? gloomy powershell command ?) the drive if needed.

Does anyone have any idea ?

EDIT : We're here talking of the boot volume.

0 + 0

domain

remote

bitlocker

vidarlo

9/3/23, 8:48 AM

Bitlocker on boot volumes? Or other volumes?

Marc

9/3/23, 9:18 AM

@vidarlo boot volume, I edited my post, thx

Manu

9/3/23, 9:22 AM

do you mean something you enter the hostname or the ID and you received the recovery password to type it in manually?

Marc

9/3/23, 9:37 AM

not really, it would be better to be able to remotely unlock the volume, not telling the user to enter a long recovery key

Greg Askew

9/3/23, 10:33 AM

So you want to unlock a host remotely, when it is not on the network. Also, entering a recovery key should be *extremely rare*, so this is an edge case with very low usage.

Marc

9/3/23, 10:40 AM

Sorry if I was not clear, but the host IS on the network. But we still want the password prompt, whereas BitLocker Network Unlock automatically unlock the volumes. Or can we configure it so it does not ?

Manu

9/3/23, 11:01 AM

Ah now I get what you want. No, this is not possible. Bitlocker is primarily designed to protect data on mobile devices when they get lost or stolen. Bitlocker Network Unlock is designed to bypass the PIN entry in your corporate LAN which can be seen as "safe" environment therefore remove the need to authenticate.

Marc

9/3/23, 11:49 AM

Alright, I guess this answers my question. Have a great day :)

Score:2

Server

Bernd Schwanenmeister

9/3/23, 1:42 PM

You cannot reach the machine from remote when it hasn't booted, yet. That's why it's called "Bitlocker pre-boot authentication".

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Solution to remotely unlock bitlocker on domain

TH: โซลูชันเพื่อปลดล็อก bitlocker จากระยะไกลบนโดเมน

RO: Soluție pentru deblocarea de la distanță a bitlocker-ului pe domeniu

RU: Решение для удаленной разблокировки битлокера в домене

VI: Giải pháp unlock bitlocker từ xa trên domain

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.