Manage-bde

TECHNET Home

TechNet
TechNet Library
Windows Server
Windows Server 2008 and Window ...
Windows Server Commands, Refer ...
Command-line Reference
A-Z List

Manage-bde

Manage-bde: status
Manage-bde: on
Manage-bde: off
Manage-bde: pause
Manage-bde: resume
Manage-bde: lock
Manage-bde: unlock
Manage-bde: autounlock
Manage-bde: protectors
Manage-bde: tpm
Manage-bde: setidentifier
Manage-bde: forcerecovery
Manage-bde: changepassword
Manage-bde: changepin
Manage-bde: changekey
Manage-bde: upgrade

A-Z List

Adprep
Append
Arp
Assoc
At
Atmadm
Attrib
Auditpol
Autochk
Autoconv
Autofmt
Bcdboot
Bcdedit
Bdehdcfg
Bitsadmin
Bootcfg
Break
Cacls
Call
Cd
Certreq
Certutil
Change
Chcp
Chdir
Chglogon
Chgport
Chgusr
Chkdsk
Chkntfs
Choice
Cipher
Clip
Cls
Cluadmin
Cluster
Cmd
Cmdkey
Cmstp
Color
Comp
Compact
Convert
Copy
Cprofile
Cscript
Csvde
Date
Dcdiag
Dcgpofix
Dcpromo
Defrag
Del
Dfscmd
Dfsrmig
Diantz
Dir
Dirquota
Diskcomp
Diskcopy
Diskedit
DiskPart
Diskperf
DiskRAID
Diskshadow
Dispdiag
Djoin
Dnscmd
Doskey
Driverquery
Dsacls
Dsadd
Dsamain
Dsdbutil
Dsget
Dsmgmt
Dsmod
Dsmove
Dsquery
Dsrm
Echo
Edit
Endlocal
Erase
Eventcreate
Eventquery.vbs
Eventtriggers
Evntcmd
Exit
Expand
Extract
Fc
Filescrn
Find
Findstr
Finger
Flattemp
For
Forfiles
Format
Freedisk
Fsutil
Ftp
Ftype
Fveupdate
Getmac
Gettype
Goto
Gpfixup
Gpresult
Gpupdate
Graftabl
Hashgen
Help
Helpctr
Hostname
Icacls
If
Inuse
Ipconfig
Ipxroute
Irftp
Ismserv
Jetpack
Klist
Ksetup
Ktmutil
Ktpass
Label
Ldifde
Ldp
Lodctr
Logman
Logoff
Lpq
Lpr
Macfile
Makecab
Manage-bde
Mapadmin
Md
Mkdir
Mklink
Mmc
Mode
More
Mount
Mountvol
Move
Mqbkup
Mqsvc
Mqtgsvc
Msdt
Msg
Msiexec
Msinfo32
Mstsc
Nbtstat
Netdiag
Netdom
Netsh
Netstat
Net computer
Net group
Net localgroup
Net print
Net session
Net share
Net use
Net user
Net view
Netcfg
Nfsadmin
Nfsshare
Nfsstat
Nlb
Nlbmgr
Nltest
Nslookup
Ntbackup
Ntcmdprompt
Ntdsutil
Ntfrsutl
Openfiles
Pagefileconfig.vbs
Path
Pathping
Pause
Pbadmin
Pentnt
Perfmon
Ping
Pnpunattend
Pnputil
Popd
Powercfg
PowerShell
Print
Prncnfg.vbs
Prndrvr.vbs
Prnjobs.vbs
Prnmngr.vbs
Prnport.vbs
Prnqctl.vbs
Prompt
Pubprn.vbs
Pushd
Pushprinterconnections
Qappsrv
Qprocess
Query
Quser
Qwinsta
Rasdial
Rcp
Rd
Rdpsign
Reagentc
Recover
Redircmp
Redirusr
Reg
Regini
Regsvr32
Relog
Rem
Ren
Rename
Rendom
Repadmin
Repair-bde
Replace
Reset session
Rexec
Risetup
Rmdir
Robocopy
Route
Rpcinfo
Rpcping
Rsh
Rsm
Rss
Runas
Rundll32
Rwinsta
Sc
Schtasks
Scwcmd
Secedit
Serverceipoptin
Servermanagercmd
Serverweroptin
Set
Setlocal
Setspn
Setx
Sfc
Shadow
Shift
Showmount
Shutdown
Sort
Start
Storrept
Subst
Sxstrace
Sysocmgr
Systeminfo
Tapicfg
Takeown
Taskkill
Tasklist
Tcmsetup
Telnet
Tftp
Time
Timeout
Title
Tlntadmn
Tracerpt
Tracert
Tree
Tscon
Tsdiscon
Tsecimp
Tskill
Tsprof
Type
Typeperf
Tzutil
Uddiconfig
Umount
Unlodctr
Ver
Verifier
Verify
Vol
Vssadmin
W32tm
Waitfor
Wbadmin
Wdsutil
Wecutil
Wevtutil
Where
Whoami
Winrs
Winnt
Winnt32
Winpop
Winsat
Wlbs
Wmic
Wscript
Xcopy

Switch View :

Classic

Lightweight

ScriptFree

Feedback

Manage-bde

Updated: April 17, 2012

Applies To: Windows 7, Windows Server 2008 R2

Used to turn on or turn off BitLocker, specify unlock mechanisms, update recovery methods, and unlock BitLocker-protected data drives. This command-line tool can be used in place of the BitLocker Drive Encryption Control Panel item. For examples of how this command can be used, see Examples.

Syntax

manage-bde [-status] [–on] [–off] [–pause] [–resume] [–lock] [–unlock] [–autounlock] [–protectors] [–tpm] 
[–setidentifier] [–changepassword] [–changepin] [–changekey] [–upgrade] [{-?|/?}] [{-help|-h}]

Parameters

Parameter	Description
Manage-bde: status	Provides information about all drives on the computer, whether or not they are BitLocker-protected.
Manage-bde: on	Encrypts the drive and turns on BitLocker.
Manage-bde: off	Decrypts the drive and turns off BitLocker. All key protectors are removed when decryption is complete.
Manage-bde: pause	Pauses encryption or decryption.
Manage-bde: resume	Resumes encryption or decryption.
Manage-bde: lock	Prevents access to BitLocker-protected data.
Manage-bde: unlock	Allows access to BitLocker-protected data with a recovery password or a recovery key.
Manage-bde: autounlock	Manages automatic unlocking of data drives.
Manage-bde: protectors	Manages protection methods for the encryption key.
Manage-bde: tpm	Configures the computer's Trusted Platform Module (TPM).
Manage-bde: setidentifier	Sets the drive identifier field on the drive to the value specified in the Provide the unique identifiers for your organization Group Policy setting.
Manage-bde: forcerecovery	Forces a BitLocker-protected drive into recovery mode on restart. This command deletes all TPM-related key protectors from the drive. When the computer restarts, only a recovery password or recovery key can be used to unlock the drive.
Manage-bde: changepassword	Modifies the password for a data drive.
Manage-bde: changepin	Modifies the PIN for an operating system drive.
Manage-bde: changekey	Modifies the startup key for an operating system drive.
Manage-bde: upgrade	Upgrades the BitLocker version.
-? or /?	Displays brief Help at the command prompt.
-help or -h	Displays complete Help at the command prompt.

Examples

The following example displays the drives on the computer and identifies whether or not they are BitLocker-protected and the current encryption status.

manage-bde -status

The following example illustrates enabling BitLocker on drive C with the option of a recovery password. The recovery password will be generated by BitLocker and displayed on the screen so that you can record it.

manage-bde –on C: -recoverypassword

The following example illustrates unlocking a BitLocker-protected drive by using a recovery password.

manage-bde –unlock E: -recoverypassword 111111-222222-333333-444444-555555-666666-777777-888888

Additional references

Tags :