unlocking bitlocker protected drives not unlocking all drives

PowerShell Help
1

hi the purpose of this script is to unlock at each windows startup the connected usb drives

this is my xml file

usb.xml

and I use this script to unlock each drive that is attached to my computer, however I’ve got one problem that only one drive gets onlocked and the others don’t can you help me out here what I need to correct

[pre]

$Base_DIR=(resolve-path .).Path
$ddMMyyyy=(get-date).ToString(‘dd-MM-yyyy’);
$LOG_DIR= $Base_DIR + “\LogFolder”
$LOG_File = $LOG_DIR + “\unlock”+ $ddMMyyyy + “.log”
$xml_config =$Base_DIR + “\Usb.xml”
[xml]$xml_content = Get-Content $xml_config

foreach($entity in $xml_content.GetElementsByTagName(“Drive_Name”)){
$Drive = $entity.DRIVE_LETTER
$serial = $entity.Serial_Number
$drive_serialnumber = Get-Partition -DriveLetter $Drive | Get-Disk | select-object -ExpandProperty SerialNumber
$drive_serialnumber.trim()

if($drive_serialnumber.trim() -like $serial){
.\unlock8gb.ps1
write-host “Drive succesfully unlocked”
}else {
.\Unlock64gb.ps1
write-host “Drive succesfully unlocked”
}

}

[/pre]

 

2

There might be a problem on your if condition to match the serial number, You can replace (12,1315) lines with below 2 line in your code and verify

 $drive_serialnumber = $(Get-Partition -DriveLetter $Drive | Get-Disk | select-object -ExpandProperty SerialNumber).trim()
if($serial -like "*$drive_serialnumber*" )
3

hi the "expandpropertyserialnumber doesn’t exist

best regards

 

4

its was typo, Correct it now

5

still not working correctly

only 1 drive is unlocked and the other throws an error not found

both ps files unlock8gb.ps1 and unlock64gb are working correctly individually

 

6

you need to debug the script to understand at what level it is failing…

Other thing,I want to ask you, how you have attach drive having same name in windows operating System they must have different name as per my knowledge if that are attached to one system.

https://1drv.ms/u/s!ApHSCIMC1xeQlwRvdemC9w_Otb6h?e=RLXGqh

7

in addition I created another test with the unlock8gb and unlock64gb combined, this is just to see where what goes wrong

[pre]

$xml_config =$Base_DIR + “\Usb.xml”
[xml]$xml_content = Get-Content $xml_config

foreach($entity in $xml_content.GetElementsByTagName(“Drive_Name”)){
$Drive = $entity.DRIVE_LETTER
$serial = $entity.Serial_Number

$pass = Get-Content C:\temp\pssdBred.txt|ConvertTo-SecureString
Unlock-BitLocker -MountPoint $Drive -Password $pass
$pass1 = Get-Content C:\temp\pstest.txt|ConvertTo-SecureString
Unlock-BitLocker -MountPoint $Drive -Password $pass1

}

[/pre]

this time I get directly an error thrown at me that the Drive cannot be unlocked by the given password which is I suppose somewhere correct if the first drive in the file is different than the one connected on the E drive after it’s first try it’s going through everything and unlocks both drives

another thing is that the output is multiplied at least 5 times at this point where for me just 1 time is sufficient.

8

You have 6 drives listed in your xml file. You are getting 5 error outputs because 5 are failing and 1 is successful.

On the plus side, this means that your foreach loop is executing the expected number of times.

You should apply [pre]Set-PSDebug -Trace 2[/pre] and look at the output of each loop to see where it goes wrong.