search

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
https://hotcakex.github.io
MIT License
1.87k stars 148 forks source link

Bitlocker need no bootable media inserted in order to process #6

Closed innovatodev closed 1 year ago

innovatodev commented 1 year ago

If you want to activate bitlocker, microsoft want you to remove any bootable media (cd/dvd and maybe usb) in order to do the first encrypt.

These errors occured, run Bitlocker category again after meeting the requirements Add-TpmAndPinProtectorInternal : Le chiffrement de lecteur BitLocker a détecté la présence d’un média de démarrage amovible (CD ou DVD) dans l’ordinateur. Retirez le média, puis redémarrez l’ordinateur avant de configurer BitLocker.

english : Add-TpmAndPinProtectorInternal: BitLocker Drive Encryption detected the presence of bootable media removable disk (CD or DVD) in the computer. Remove the media and then restart the computer before setting up BitLocker.

The error precise it need a computer restart before even trying to setup bitlocker if a media was here, but need to try if it works without reboot and just wait the user to eject, but at the moment, it throw this error.

Windows_11_22621.1105 fresh installed without touching anything.

HotCakeX commented 1 year ago

If you want to activate bitlocker, microsoft want you to remove any bootable media (cd/dvd and maybe usb) in order to do the first encrypt.

These errors occured, run Bitlocker category again after meeting the requirements Add-TpmAndPinProtectorInternal : Le chiffrement de lecteur BitLocker a détecté la présence d’un média de démarrage amovible (CD ou DVD) dans l’ordinateur. Retirez le média, puis redémarrez l’ordinateur avant de configurer BitLocker.

english : Add-TpmAndPinProtectorInternal: BitLocker Drive Encryption detected the presence of bootable media removable disk (CD or DVD) in the computer. Remove the media and then restart the computer before setting up BitLocker.

The error precise it need a computer restart before even trying to setup bitlocker if a media was here, but need to try if it works without reboot and just wait the user to eject, but at the moment, it throw this error.

Windows_11_22621.1105 fresh installed without touching anything.

Hi, Thank you for the issue, I thought I would just show the error message to the user and let them handle it, but now I've put a check.


image


When that message is shown and there is a CD/DVD drive in the system, user can eject the disk and run Bitlocker category again and it will work without a reboot :)

the change is still in the pull request and will be merged with the script soon https://github.com/HotCakeX/Harden-Windows-Security/pull/5

innovatodev commented 1 year ago

thanks thats cool ill try it for sure !

You cant just let the native powershell error, because some of your future users will have a different powershell profile than your and it will stop your script at the first error/exception it will throw, if you want to do that, you must add $ErrorActionPreference = Continue (default powershell value) at the top of your script, to force these users to your desired preference =P

Thanks again ! (i dont know what to do, do i close the issue myself, i think yes ? let me know if i did an error haha )