This guide will guide you through unlocking and disabling BitLocker encryption on a disc from an offline media using a bootable CD-ROM.
- Start the machine and hit “F12” to enter the boot menu
Note: Some manufacturer use other keys to enter the boot menu.
- Choose an offline media, in this case “CD-ROM Drive” to boot from.
Note: Insert the media provided (CD-ROM).
- Press any key to boot from the CD-ROM.
- You will be presented with the following screen while loading the files on the CD-ROM.
- When Windows is done loading the files you will be presented with the following screen.
- Hit the “F8” key to enter a Command console like on the following picture:
- To unlock the encrypted disc type the following command without quotes: “manage-bde -unlock d: -recoverypassword 054690-447628-511311-378994-103534-548851-245938-122687” where the 6 x 8 digits represent the recovery key provided from Service desk. The output should end up as showed below.
Note: If the machine is restarted, BitLocker will simply lock the drive again. The disc is only readable in the current session at this point. IMPORTANT: DO NOT REBOOT AT THIS TIME.
- Last step is to disable the protection. This is a must to be able to boot the machine into Windows with a unlocked disc. Run the following command without qoutes to disable the protection: “manage-bde –protectors -disable d:”
Optional: The status of BitLocker can be viewed by typing the following command without quotes:
“manage-bde -status d:”.
This is how the final output should end up with both Protection: Off and Lock Status: Unlocked:
- The disc is now unlocked and readable in Windows. Eject the media and reboot the machine.
Note: The following command without quotes will force the machine to reboot: “wpeutil reboot”.
Caution: BitLocker is turned off and all data is now readable in Windows. BitLocker will not automatically turn on the encryption once Windows is back on. This has to be done manually as a separate task in Windows.