0

I'm trying to script the automatic unlocking of several drives on several PC's.

I am using Bitlocker External Keys for the unlocking, not the recovery password.

The command is:

manage-bde -unlock h: -rk "K:\%BITLOCKER-EXTERNAL-KEY%"

External Keys for BL are stored as *.BEK files. All of mine are stored at the root of my encrypted usb drive.

I need a script which will cycle through every BEK file replacing it within the variable, only stopping once a successful unlock has occurred.

I believe a successful unlock is errorlevel 0.

I have around 60 BEK files and without this script I would need to process each one manually. I can code most of it apart from looping a load of files into a variable.

Thanks

Boyd Fields
  • 31
  • 6
  • 1
    Your main question is really nothing whatsoever to do with bitlocker, is it? Please use the search facility to locate questions and answers, where there is a need to iterate through a directory and select all files with a particular pattern/glob, _(in this case `*.bek`)_. Once you've done that, please [edit your question](https://stackoverflow.com/posts/65812735/edit), to include that part of your code, together with your bitlocker command ,as an attempt at the task. This site does not provide a free code writng service, it only helps you to fix code which doesn't do what it was written to do. – Compo Jan 20 '21 at 16:41
  • Taken on board. Note my solution below. – Boyd Fields Apr 09 '21 at 16:16

1 Answers1

0

Slightly delayed but finally came up with the following solution: Can take a while to execute as it cycles through the same command but it works.

:UNLOCKDRIVESAUTOMATICALLY
setlocal enableDelayedExpansion
SET _SECUREUSB_DRIVE_LETTER=E:
CD /D "%~dp0"
CLS
ECHO/Automatic Bitlocker Unlock
ECHO/
ECHO/Unlocking drives...
ECHO/
ATTRIB -h -s "%_SECUREUSB_DRIVE_LETTER%\*.bek"
for %%a in (*.bek) do (manage-bde -unlock c: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock d: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock e: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock f: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock g: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock h: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock i: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock j: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock k: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock l: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock m: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock n: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock o: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock p: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock q: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock r: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock s: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock t: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock u: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock v: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock w: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock x: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock y: -rk %~dp0%%a) > nul 2>&1
for %%a in (*.bek) do (manage-bde -unlock z: -rk %~dp0%%a) > nul 2>&1
ATTRIB +h +s "%_SECUREUSB_DRIVE_LETTER%\*.bek"
ECHO/
ECHO/Complete.
endlocal disableDelayedExpansion
pause
GOTO :END
Boyd Fields
  • 31
  • 6