Group policy error when adding BitLocker password using manage-bde

1

I am trying to add a password for BitLocker using manage-mde.

manage-bde -protectors -add c: -password

And receive the following error.

ERROR: An error occurred (code 0x8031006a): Group Policy settings do not permit the creation of a password.

The only group policy setting I could find was "Configure use of passwords in operating system drives" in Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives. I changed that setting to "Allow password complexity". I'm still getting the same error.

Any ideas? Thanks for your help as always.

Mark Williams

Posted 2014-06-23T00:03:01.290

Reputation: 487

Answers

2

To enable a Bitlocker password to unlock the host OS without TPM, or in your case reset the Bitlocker password you will also need enabled in Group Policy "Require additional authentication at startup"

After you've done this you can set a new Bitlocker Password using manage-bde -protectors -add c: -password or through the Bitlocker GUI.

Paddy

Posted 2014-06-23T00:03:01.290

Reputation: 21

This answer helped me as well. Note that we change our Bitlocker passwords every few months and this is the first time that this error has happened to me. Note that the Group Policy setting mentioned in the answer can be found under Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives, and that the Group Policy editor can be opened by going to WIN+R and typing gpedit. msc – gordon613 – 2020-01-30T16:23:17.360

Asked: 2014-06-23T00:03:01.290

Viewed: 5 114 times

Active: 2014-08-15T17:11:25.580