unlocking bitlocker protected drives not unlocking all drives

Welcome Forums General PowerShell Q&A unlocking bitlocker protected drives not unlocking all drives

This topic contains 7 replies, has 3 voices, and was last updated by

 
Participant
2 months ago.

  • Author
    Posts
  • #167065

    Participant
    Topics: 5
    Replies: 7
    Points: 46
    Rank: Member

    hi the purpose of this script is to unlock at each windows startup the connected usb drives

    this is my xml file

    usb.xml

    and I use this script to unlock each drive that is attached to my computer, however I've got one problem that only one drive gets onlocked and the others don't  can you help me out here what I need to correct

    
    $Base_DIR=(resolve-path .\).Path
    $ddMMyyyy=(get-date).ToString('dd-MM-yyyy');
    $LOG_DIR= $Base_DIR + "\LogFolder"
    $LOG_File = $LOG_DIR + "\unlock"+ $ddMMyyyy + ".log"
    $xml_config =$Base_DIR + "\Usb.xml"
    [xml]$xml_content = Get-Content $xml_config
    
    foreach($entity in $xml_content.GetElementsByTagName("Drive_Name")){
    $Drive = $entity.DRIVE_LETTER
    $serial = $entity.Serial_Number
    $drive_serialnumber = Get-Partition -DriveLetter $Drive | Get-Disk | select-object -ExpandProperty SerialNumber
    $drive_serialnumber.trim()
    
    if($drive_serialnumber.trim() -like $serial){
    .\unlock8gb.ps1
    write-host "Drive succesfully unlocked"
    }else {
    .\Unlock64gb.ps1
    write-host "Drive succesfully unlocked"
    }
    
    }
    
    

     

  • #167071

    Participant
    Topics: 0
    Replies: 44
    Points: 235
    Helping Hand
    Rank: Participant

    There might be a problem on your if condition to match the serial number, You can replace (12,1315) lines with below 2 line in your code and verify

     $drive_serialnumber = $(Get-Partition -DriveLetter $Drive | Get-Disk | select-object -ExpandProperty SerialNumber).trim()
    if($serial -like "*$drive_serialnumber*" )
    • #167080

      Participant
      Topics: 5
      Replies: 7
      Points: 46
      Rank: Member

      hi  the "expandpropertyserialnumber doesn't exist

      best regards

       

    • #167083

      Participant
      Topics: 0
      Replies: 44
      Points: 235
      Helping Hand
      Rank: Participant

      its was typo, Correct it now

    • #167092

      Participant
      Topics: 5
      Replies: 7
      Points: 46
      Rank: Member

      still not working correctly

      only 1 drive is unlocked and the other throws an error not found

      both ps files unlock8gb.ps1 and unlock64gb are working correctly individually

       

  • #167101

    Participant
    Topics: 0
    Replies: 44
    Points: 235
    Helping Hand
    Rank: Participant

    you need to debug the script to understand  at what level it is failing............

    Other thing,I want to ask you, how you have attach drive having same name in windows operating System they must have different name as per my knowledge if that are attached to one system.

    https://1drv.ms/u/s!ApHSCIMC1xeQlwRvdemC9w_Otb6h?e=RLXGqh

  • #167104

    Participant
    Topics: 5
    Replies: 7
    Points: 46
    Rank: Member

    in addition I created another test with the unlock8gb and unlock64gb combined, this is just to see where what goes wrong

    
    $xml_config =$Base_DIR + "\Usb.xml"
    [xml]$xml_content = Get-Content $xml_config
    
    foreach($entity in $xml_content.GetElementsByTagName("Drive_Name")){
    $Drive = $entity.DRIVE_LETTER
    $serial = $entity.Serial_Number
    
    $pass = Get-Content C:\temp\pssdBred.txt|ConvertTo-SecureString
    Unlock-BitLocker -MountPoint $Drive -Password $pass
    $pass1 = Get-Content C:\temp\pstest.txt|ConvertTo-SecureString
    Unlock-BitLocker -MountPoint $Drive -Password $pass1
    
    }
    
    

    this time I get directly an error thrown at me that the Drive cannot be unlocked by the given password which is I suppose somewhere correct if the first drive in the file is different than the one connected on the E drive after it's first try it's going through everything and unlocks both drives

    another thing is that the output is multiplied at least 5 times at this point where for me just 1 time is sufficient.

  • #167284

    Participant
    Topics: 2
    Replies: 54
    Points: 278
    Helping Hand
    Rank: Contributor

    another thing is that the output is multiplied at least 5 times at this point where for me just 1 time is sufficient.

    You have 6 drives listed in your xml file. You are getting 5 error outputs because 5 are failing and 1 is successful.

    On the plus side, this means that your foreach loop is executing the expected number of times.

    You should apply

    Set-PSDebug -Trace 2

    and look at the output of each loop to see where it goes wrong.

You must be logged in to reply to this topic.