![]() Run this cmdlet on each machine that you want to re-encrypt:Įnable-BitLocker -MountPoint C: -RecoveryPasswordProtector -UsedSpaceOnly ![]() Re-encrypt the disks: To re-encrypt the disks, you can use the Enable-BitLocker PowerShell cmdlet. Note that you may need to change the MountPoint parameter to match the drive letter of the disk you want to decrypt.Īpply the new disk encryption policy: After the disks have been decrypted, you can apply the new disk encryption policy by pushing it from Intune or any other device management tool you are using. Run this cmdlet on each machine that you want to decrypt: Here are the steps you can follow: Backup the data on the encrypted machines: Before you begin, it's important to backup any important data on the encrypted machines, as decrypting and re-encrypting the disks will wipe all data on the disks.ĭecrypt the disks: To decrypt the disks, you can use the Disable-BitLocker PowerShell cmdlet. To implement the new disk encryption policy on machines that are already encrypted with basic BitLocker encryption, you will need to decrypt the machines and then re-encrypt them with the new policy. Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. If you have extra questions about this answer, please click "Comment". If the answer is helpful, please click "Accept Answer" and kindly upvote it. Note: Non-Microsoft link, just for the reference.Īfter that, apply the new BitLocker policy to the user or device group to make it work. Then try to decrypt BitLocker Drive via one of the methods in the following link: Please check if other BitLocker policy has assigned to the user or device group. From your description, it seems the device turned on BitLocker when sign in your work account.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |