Welcome Forums General PowerShell Q&A unlocking bitlocker protected drives not unlocking all drives

Viewing 4 reply threads
  • Author
    Posts
    • #167065
      Participant
      Topics: 7
      Replies: 10
      Points: 74
      Rank: Member

      hi the purpose of this script is to unlock at each windows startup the connected usb drives

      this is my xml file

      usb.xml

      and I use this script to unlock each drive that is attached to my computer, however I’ve got one problem that only one drive gets onlocked and the others don’t  can you help me out here what I need to correct

      
      $Base_DIR=(resolve-path .\).Path
      $ddMMyyyy=(get-date).ToString(‘dd-MM-yyyy’);
      $LOG_DIR= $Base_DIR + “\LogFolder”
      $LOG_File = $LOG_DIR + “\unlock”+ $ddMMyyyy + “.log”
      $xml_config =$Base_DIR + “\Usb.xml”
      [xml]$xml_content = Get-Content $xml_config
      
      foreach($entity in $xml_content.GetElementsByTagName(“Drive_Name”)){
      $Drive = $entity.DRIVE_LETTER
      $serial = $entity.Serial_Number
      $drive_serialnumber = Get-Partition -DriveLetter $Drive | Get-Disk | select-object -ExpandProperty SerialNumber
      $drive_serialnumber.trim()
      
      if($drive_serialnumber.trim() -like $serial){
      .\unlock8gb.ps1
      write-host “Drive succesfully unlocked”
      }else {
      .\Unlock64gb.ps1
      write-host “Drive succesfully unlocked”
      }
      
      }
      
      

       

    • #167071
      Participant
      Topics: 0
      Replies: 45
      Points: 243
      Helping Hand
      Rank: Participant

      There might be a problem on your if condition to match the serial number, You can replace (12,1315) lines with below 2 line in your code and verify

       $drive_serialnumber = $(Get-Partition -DriveLetter $Drive | Get-Disk | select-object -ExpandProperty SerialNumber).trim()
      if($serial -like "*$drive_serialnumber*" )
      • #167080
        Participant
        Topics: 7
        Replies: 10
        Points: 74
        Rank: Member

        hi  the “expandpropertyserialnumber doesn’t exist

        best regards

         

      • #167083
        Participant
        Topics: 0
        Replies: 45
        Points: 243
        Helping Hand
        Rank: Participant

        its was typo, Correct it now

      • #167092
        Participant
        Topics: 7
        Replies: 10
        Points: 74
        Rank: Member

        still not working correctly

        only 1 drive is unlocked and the other throws an error not found

        both ps files unlock8gb.ps1 and unlock64gb are working correctly individually

         

    • #167101
      Participant
      Topics: 0
      Replies: 45
      Points: 243
      Helping Hand
      Rank: Participant

      you need to debug the script to understand  at what level it is failing…………

      Other thing,I want to ask you, how you have attach drive having same name in windows operating System they must have different name as per my knowledge if that are attached to one system.

      https://1drv.ms/u/s!ApHSCIMC1xeQlwRvdemC9w_Otb6h?e=RLXGqh

    • #167104
      Participant
      Topics: 7
      Replies: 10
      Points: 74
      Rank: Member

      in addition I created another test with the unlock8gb and unlock64gb combined, this is just to see where what goes wrong

      
      $xml_config =$Base_DIR + “\Usb.xml”
      [xml]$xml_content = Get-Content $xml_config
      
      foreach($entity in $xml_content.GetElementsByTagName(“Drive_Name”)){
      $Drive = $entity.DRIVE_LETTER
      $serial = $entity.Serial_Number
      
      $pass = Get-Content C:\temp\pssdBred.txt|ConvertTo-SecureString
      Unlock-BitLocker -MountPoint $Drive -Password $pass
      $pass1 = Get-Content C:\temp\pstest.txt|ConvertTo-SecureString
      Unlock-BitLocker -MountPoint $Drive -Password $pass1
      
      }
      
      

      this time I get directly an error thrown at me that the Drive cannot be unlocked by the given password which is I suppose somewhere correct if the first drive in the file is different than the one connected on the E drive after it’s first try it’s going through everything and unlocks both drives

      another thing is that the output is multiplied at least 5 times at this point where for me just 1 time is sufficient.

    • #167284
      Moderator
      Topics: 3
      Replies: 109
      Points: 566
      Helping Hand
      Rank: Major Contributor

      another thing is that the output is multiplied at least 5 times at this point where for me just 1 time is sufficient.

      You have 6 drives listed in your xml file. You are getting 5 error outputs because 5 are failing and 1 is successful.

      On the plus side, this means that your foreach loop is executing the expected number of times.

      You should apply

      Set-PSDebug -Trace 2

      and look at the output of each loop to see where it goes wrong.

Viewing 4 reply threads
  • The topic ‘unlocking bitlocker protected drives not unlocking all drives’ is closed to new replies.