Share via

Cannot resume bitlocker after CU suspends it

Anonymous
2021-07-09T18:03:18+00:00

This happens to many hundreds of our enterprise devices every month, after a cumulative update is installed on Windows. Bitlocker becomes suspended for multiple reboots. Ultimately, I'd like to solve the root of the problem by eliminating the suspension over several reboots. However, for now, I just want to manually resume BitLocker without forcing a reboot. Here's the situation. Notice that the protection status indicates that BitLocker is suspended, and it will resume after one more reboot - this just after booting up from the CU install..

PS C:\WINDOWS\system32> manage-bde -status

BitLocker Drive Encryption: Configuration Tool version 10.0.19041

Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Disk volumes that can be protected with

BitLocker Drive Encryption:

Volume C: [43V65H2]

[OS Volume] 

Size:                 442.05 GB 

BitLocker Version:    2.0 

Conversion Status:    Fully Encrypted 

Percentage Encrypted: 100.0% 

Encryption Method:    XTS-AES 128 

**Protection Status:    Protection Off (1 reboots left)** 

Lock Status:          Unlocked 

Identification Field: Unknown 

Key Protectors: 

    Numerical Password 

    TPM

During boot-up, we can detect this condition and execute some PowerShell, or run "manage-bde". However, we get these errors when trying to do either one:

PowerShell:

PS C:\WINDOWS\system32> Resume-BitLocker -MountPoint "C:"

Resume-BitLocker : Data of this type is not supported. (Exception from HRESULT: 0x8007065E)

At line:1 char:1

  • Resume-BitLocker -MountPoint "C:" 
  • 
    + CategoryInfo          : NotSpecified: (:) [Write-Error], COMException 

    + FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,Resume-BitLocker

Manage-bde:

PS C:\WINDOWS\system32> manage-bde -protectors -enable c:

BitLocker Drive Encryption: Configuration Tool version 10.0.19041

Copyright (C) 2013 Microsoft Corporation. All rights reserved.

ERROR: An error occurred (code 0x8007065e):

Data of this type is not supported.

Is there any way to resume BitLocker manually, when it is in the state of "Protection Off (1 reboots left)"?

Windows 20H2 (OS Build 19042.1083)

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2021-07-10T06:00:10+00:00

    Hi,

    Thank you for writing to Microsoft Community Forums.

    We understand the concern as BitLocker becomes suspended for multiple reboots..

    However, for concern/queries related to BitLocker suspends, let me help to point you in the right direction. I would suggest you to Ask a question in Q&A forum where you will find professionals with expertise on BitLocker Encryption and that would be the appropriate forum.

    You may also refer these articles for additional information:

    BitLocker To Go FAQ

    BitLocker Group Policy settings

    Regards,

    Aditya Roy

    Microsoft Community – Moderator

    Was this answer helpful?

    0 comments