Sign in to follow this  
Followers 0
lalanc01

Bitlocker

3 posts in this topic

Hi, we want to disable bitlocker on all workstations to prevent users from encrypting their drive by mistake and we have a third party solutions for laptops.

All our users are admins of their workstations, so we can't just disable it, cause they have the ability to reenable it.

I've seach everywhere for a way to disable it through GPO, registry or any other way, but there doesn't seem to be any.

Really need help with this

Steph

0

Share this post


Link to post
Share on other sites

There's no way to disable bitlocker, but if your users are already running as non-administrators they cannot enable it anyway. One trick you could try is to set up in GP the configuration to store keys in AD, but don't extend your AD schema and don't configure it for storing bitlocker keys (it'll fail if someone does manage to run it on a domain machine). But no, there are no inbox options for actually *disabling* bitlocker entirely.

0

Share this post


Link to post
Share on other sites

You can easily disable Bitlocker by simply setting the Bitlocker Drive Encryption Service to disabled and stopped. You could also stop and disable the TPM Base Services service as the Bitlocker service uses it for every mode except one.

Edited by SyntaxError
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.