This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bitlocker and FDE Decryption issue.

Hi,

Sophos Safegaurd Mangement center Version - 8.10.0.323.

Currently we have set volume based encryption policy. and below is scenario-

Installed client configration package then showing restart and log in again and pop up set bitlocker credentials restart and encrypt.

When system was encrypted, after i am doing decryption but system automatically encrypt again.

So how can set automatic encryption and decryption in bitlocker?



This thread was automatically locked due to age.
Parents Reply
  • Thanks Nam - Understood.

    You have applied a policy to the machine that encrypts the machine - This is working well. You try to decrypt the machine and the machine starts decrypting and then encrypts again - This is also working well!

    The policy the machine is running is preventing decryption (and potentially uninstallation too) and that is why is it encrypting again. This is the way you'd want it to be honest - otherwise your users will just decrypt your machine.

    What is best to do is create a decryption group on the SSG console.

    You then create a policy that allows decryption.

    You then add the PC to this group.

    You resync the client.

    You should now be able to decrypt the machine now it has the correct policy.

     

    This guide will help you complete this - It's a little out of date (v7) but it's still roughly the same in v8x.

     

    https://sophserv.sophos.com/repo_kb/108411/file/108411-Decrypting%20a%20SafeGuard%20Enterprise%20client.pdf

Children