question

BojanDunkic-6518 avatar image
0 Votes"
BojanDunkic-6518 asked RealMVP-3592 published

BackupToAAD-BitLockerKeyProtector Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

Hello everyone,

I have a problem when running this bit of Powershell code only on select devices on our company network:

 BackupToAAD-BitLockerKeyProtector -MountPoint $env:SystemDrive -KeyProtectorId ((Get-BitLockerVolume -MountPoint $env:SystemDrive ).KeyProtector | where {$_.KeyProtectorType -eq "RecoveryPassword" }).KeyProtectorId

Namely, it throws an error exception like this:


 BackupToAAD-BitLockerKeyProtector : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
 At line:1 char:1
 + BackupToAAD-BitLockerKeyProtector $env:systemdrive -KeyProtectorId $R ...
 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : NotSpecified: (:) [Write-Error], UnauthorizedAccessException
     + FullyQualifiedErrorId : System.UnauthorizedAccessException,BackupToAAD-BitLockerKeyProtector


This is very strange as I'm running the powershell script as an Admin on the devices. Some manage to run the script successfully and some get the above error.

BitLocker is enabled on all devices on the network and the devices are Azure AD Hybrid Joined.

Anyone able to help?


windows-server-powershellwindows-10-network
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT avatar image MarileeTurscak-MSFT ·

The Error code 0x80070005 is usually related to the WMI permissions. Have you made sure all of the right permissions are set on the machines? https://docs.microsoft.com/en-us/windows/win32/wmisdk/connecting-to-wmi-on-a-remote-computer?redirectedfrom=MSDN

0 Votes 0 ·

1 Answer

RealMVP-3592 avatar image
0 Votes"
RealMVP-3592 answered RealMVP-3592 published

In my experience, command is working locally but the communication to AzureAD is not. Check for proxies or other network interference that might alter traffic/packets.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.