Technical support

Knowledgebase: Encryption
Can I use BitLocker and ESET Endpoint Encryption Full Disk Encryption at the same time?
Article ID: KB266 email a link to this article
 

IMPORTANT

You must NOT use multiple disk encryption solutions on a single machine. This is not supported and can lead to permanent loss of data. 

How can I tell if BitLocker is turned on?

You can tell if any volumes have BitLocker Device Encryption turned on by opening an elevated Command Prompt and typing the following command:

manage-bde -status

In the screenshot above, BitLocker has fully encrypted the C:\ volume. In order to use ESET Endpoint Encryption (EEE) FDE (FDE), you must decrypt the C:\ volume first.

 

You can also see the history of BitLocker by opening a PowerShell command line and typing the following:

Get-WinEvent @{logname='system';ProviderName='Microsoft-Windows-BitLocker-Driver'}

The screenshot below shows an example of this. 

 

How do I remove BitLocker?

Important

Before making any changes to your system, please ensure you have an up-to-date backup of your data.

Using the Command Line

If your C:\ volume (or any other volumes) is encrypted with BitLocker as displayed above, then you can decrypt it by following these steps:

1. Open an Elevated Command Prompt.

2. Type manage-bde -off C: 

3. Note: If multiple volumes are encrypted with BitLocker, then you will need to decrypt each volume individually.

4. BitLocker will begin decrypting the selected volume.

5. Once complete, update the Workstation Details and attempt to start  FDE with EEE again. See: KB182 - I made changes to my client workstation, how do I update the ESET Endpoint Server of this?

For more information, please see this Microsoft article: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/manage-bde-off

Using Windows 10 (1809 onwards)

You can use the Settings interface to turn off BitLocker Device Encryption. To do this, follow these steps:

1. Open Windows Settings (Win+i).

2. Select Update & Security.

3. Select Device encryption at the bottom of the left-hand menu.

4. Press the Turn off button.

5. Press Turn off again to confirm.

6. Wait for the decryption to complete.

7. Once complete, update the Workstation Details and attempt to start FDE with EEE again. See: KB182 - I made changes to my client workstation, how do I update the ESET Endpoint Server of this?

keywords: bitlocker, device encryption, drive encryption


We use cookies on our website to enhance your browsing experience. Read more