question

FURCAT-4436 avatar image
0 Votes"
FURCAT-4436 asked JennyFeng-MSFT commented

Access denied during Bitlocker encryption and fail

Windows version:
Using Windows 10 Edu 21H1. It doesn't seem to be a recent version's problem, I've been trying it for several months and it doesn't work on previous versions.


Problem:
If I encrypt the entire space of the HDD (WD 2TB, EZAZ model) with Bitlocker, it starts very well and also progresses to about 70% but the message 'Access is denied' appears soon and the window that was being encrypted disappears.

At 'This PC' window, the drive is displayed as an icon that looks as if encryption has been completed and even opens well when I enter the password.
However the phrase 'Encryption in progress' appears again automatically, and encryption restarts from 54.4%.

Encryption reaches 70% again, stops again, and click the drive again, it restarts at 54.4%... This situation keeps repeating.


Significants:
When I tried it a year ago with an HDD of the same model, it worked.
Encryption failed on the HDD I bought this time, so I refunded it and bought it again, but it also failed. I don't think it's a problem with HDD.

I have the same problem after performing low format the HDD and clean boot.




  1. What should I do to encrypt normally?

  2. Encryption interruption problems were frequent. Could this have caused problems with the HDD? (The HDD seem to be virtually disconnected and then reconnected due to a software error)


Thank you.

windows-10-security
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@FURCAT-4436
Hi,

Just checking in to see if the information provided was helpful.

If the reply helped you, please remember to accept as answer.
If no, please reply and tell us the current situation in order to provide further help.

0 Votes 0 ·
JennyFeng-MSFT avatar image
0 Votes"
JennyFeng-MSFT answered FURCAT-4436 commented

@FURCAT-4436
Hi,
1. Based on my research, GPOs that change the security descriptors of services have been known to cause this issue.
To verify that this issue has occurred, you could follow the steps on the following link:
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues

-To repair the security descriptor of BDESvc, open an elevated PowerShell window and enter the following command:
sc sdset bdesvc D:(A;;CCDCLCSWRPWPDTLORCWDWO;;;SY)(A;;CCDCLCSWRPWPDTLORCWDWO;;;BA)(A;;CCLCSWRPLORC;;;BU)(A;;CCLCSWRPLORC;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOSDRCWDWO;;;WD)

-Restart the computer.

  1. Suddenly stopping the computer in the middle of a process can cause data corruption and therefore loss.
    Is your data affected? If it is automatically disappears, I think there should be no problem.

Hope above information can help you.

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for your reply, but it has not been resolved in this way. My situation is corresponds to the 'typical condition' shown in the document.

I think if encryption doesn't even start, this document could be helpful.

0 Votes 0 ·
JennyFeng-MSFT avatar image
0 Votes"
JennyFeng-MSFT answered

@FURCAT-4436
Hi,
Have you checked the Event View? Did you get some useful information there?
What was the version of Windows when your encryption was successful?
You can check to see if you are the local administrator by going to the control panel and selecting User Accounts. In that window click on "Manage User Accounts" and see if your account is listed.
Here are a couple of suggestions to try:
1. Make sure there is no media in the DVD drive if the computer in question has one.
2. Uninstall any VPN software on the computer (you can reinstall after encryption).
3. Image the computer in question and restore the image.
4. Install a fresh copy of the OS and enable BitLocker before installing any software, joining the domain or applying any updates.

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.