Is it possible that my drive was encrypted through corporate email account even if the corp does not control my laptop?

pigeon 1 Reputation point
2021-09-25T17:30:57.7+00:00

My bitlocker key id does not match the key id on the screen and naturally my key doesn't work. This is my personal pc. I use a corporate email / ms account for work with a company. I don't see a key associated with my corporate email when I look in that account in the same way that I do see a key associated with my personal account. I was advised by a local IT professional to ask the corporation's system administrator to look for a bitlocker key associated with my email account. The corporation IT people refuse to engage a system administrator to look for a key for my account citing that the company does not control my laptop. My IT person disagrees. Who do I believe?

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,837 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Limitless Technology 39,501 Reputation points
    2021-09-28T19:02:25.827+00:00

    Hello Pigeon,

    This issue may be caused by settings that are controlled by Group Policy Objects (GPOs).

    To repair the security descriptor of BDESvc, open an elevated PowerShell window and enter the following command:

    sc sdset bdesvc D:(A;;CCDCLCSWRPWPDTLORCWDWO;;;SY)(A;;CCDCLCSWRPWPDTLORCWDWO;;;BA)(A;;CCLCSWRPLORC;;;BU)(A;;CCLCSWRPLORC;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOSDRCWDWO;;;WD)

    Restart the computer.

    The issue should now be resolved.

    If you have determined that your BitLocker issue involves the Trusted Platform Module (TPM), see BitLocker cannot encrypt a drive: known TPM issues using below link,

    https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues

    If the problem persists, do follow the below link for further information,

    https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues#access-is-denied-message-when-you-try-to-encrypt-removable-drives

    --------------------------------------------------------------------------------------------------------------------------

    Hope this answers all your queries, if not please do repost back.
    If an Answer is helpful, please click "Accept Answer" and upvote it : )

    0 comments No comments

  2. pigeon 1 Reputation point
    2021-09-29T12:39:47.48+00:00

    Hi Limitless Technology,

    Thanks for the info.

    All I have is command prompt. x:\windows\system32> or D:\> but no C:\

    The command 'start powershell' returns an error: windows cannot find 'powershell'...

    I went ahead and tried from the command prompt and an error was returned: 'sc' is not recognized....

    Is there another way to do something from command prompt?

    0 comments No comments

  3. Darrell Gorter 1,471 Reputation points
    2021-09-29T15:47:18.377+00:00

    Hello,
    This may be related to Exchange Policies
    See this page
    Mobile device mailbox policies in Exchange Server

    Require Device Encryption

    0 comments No comments