Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Friday, August 19, 2016 9:40 PM
I get errors on a Nano Server TP5 and 14393 builds with the storage, secureboot packages installed. These same bitlockered volumes mount fine on Win2012R2.
Only volumes with bitlocker protection disabled are working right now (since they don't require the ps commands to set-up locking?)
For instance, when I run "unlock-bitlocker d:" powershell command, I get:
Get-CimInstance : Invalid class
At C:\windows\system32\windowspowershell\v1.0\Modules\BitLocker\BitLocker.psm1:368 char:25
- ... $Win32Volume = Get-CimInstance Win32_Volume -Filter $WmiVolumeFilter
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : MetadataError: (:) [Get-CimInstance], CimException
+ FullyQualifiedErrorId : HRESULT 0x80041010,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand
Get-BitLockerVolumeInternal : Device Id: \?\Volume{bdb2e4b8-4596-4ecb-b5fd-e0b1e1013349}\ does not have a
corresponding volume.
At C:\windows\system32\windowspowershell\v1.0\Modules\BitLocker\BitLocker.psm1:1209 char:40
- ... umeInternal = Get-BitLockerVolumeInternal -MountPoint $MountPoint[$i]
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], Exception
+ FullyQualifiedErrorId : System.Exception,Get-BitLockerVolumeInternal
I get the same errors with the other *bitlocker* commands that take a mountpoint.
What am I doing wrong?
All replies (4)
Tuesday, August 23, 2016 6:28 AM ✅Answered
Hi Danny,
I tried this out with build 14393 and it seems to be working for me. I'm not sure exactly what you did, but here is what I did. I created a 1GB VHDX on a Windows 10 v1607 machine and encrypted it with BitLocker using a password. I verified on a different machine that the VHDX was correctly encrypted with BitLocker. Then I copied the VHDX file to a Nano Server VM which has the SecureStartup optional feature installed. I was able to mount the VHDX and unlock the drive over PowerShell remoting.
PS C:\ Mount-DiskImage -ImagePath C:\Temp\TestBitLocker.vhdx -StorageType VHDX -Verbose
PS C:\ Get-Volume
DriveLetter FileSystemLabel FileSystem DriveType HealthStatus OperationalStatus SizeRemaining Size
D CD-ROM Healthy Unknown 0 B 0 B
A Removable Healthy Unknown 0 B 0 B
C NanoServer NTFS Fixed Healthy OK 2.28 GB 4 GB
E Fixed Healthy Unknown 0 B 0 B
PS C:\ Get-Disk | ft Number, FriendlyName, HealthStatus, OperationalStatus, Size, PartitionStyle
Number FriendlyName HealthStatus OperationalStatus Size PartitionStyle
0 Virtual HD Healthy Online 4294967296 MBR
1 Msft Virtual Disk Healthy Online 1073741824 GPT
PS C:\ $ss= ConvertTo-SecureString "NotReallyMyPassword1!" -AsPlainText -Force
PS C:\ $ss
System.Security.SecureString
PS C:\ Unlock-BitLocker -MountPoint "E:" -Password $ss
ComputerName: MINWINPC
VolumeType Mount CapacityGB VolumeStatus Encryption KeyProtector AutoUnlock Protection
Point Percentage Enabled Status
Data E: 0.97 FullyEncrypted 100 {RecoveryPassword, Pas... False On
PS C:\ dir E:
Directory: E:\
Mode LastWriteTime Length Name
-a 8/22/2016 10:51 PM 48 Test.txt
PS C:\ Get-Content E:\Test.txt
This is some content
It should be protected with BitLocker
PS C:\ gin w*x, oss*
WindowsBuildLabEx : 14393.99.amd64fre.rs1_release.160815-1733
OsSystemDevice : \Device\HarddiskVolume1
OsSystemDirectory : C:\windows\system32
OsSystemDrive : C:
OsSizeStoredInPagingFiles : 524028
OsSerialNumber :
OsServicePackMajorVersion : 0
OsServicePackMinorVersion : 0
OsStatus : OK
OsSuites : {TerminalServices, TerminalServicesSingleSession}
OsServerLevel : NanoServer
Monday, October 17, 2016 5:11 PM ✅Answered
To close out this thread, this started working in the September cumulative update.
Monday, August 22, 2016 4:39 PM
Hi Danny,
The Bitlocker cmdlets were not available in those builds and may be added in later builds.
Thanks
ref@
Monday, August 22, 2016 5:31 PM
Your wording is confusing to me... The commands are present. I presume you meant to say that they are present, but known-not-working in those builds?