In out Active Domain have a recently formatted W10 computer (was formatted about 2 months ago), yesterday there was a power loss and the information got corrupted, the user received the Windows is attempting to make startup repairs message and wait, after a few minutes Windows couldnt recover the information so i decided to remove the Hard Drive to make a backup, format the drive and do a clean reinstall
But when i tried to read the HDD i got a message saying "Windows cannot found recovery key on this unit" so for some reason the HDD appears to be encrypted with bitlocker, so im stuck with 3 possible alternatives
1.- The Active Directory domain IS NOT ENFORCING the enable of bitlocker, so can some windows update automatically turn it on? if so, is there a way to recover the keys?
2.- Maybe the partition table was corrupted and in the repair attempts windows messed it up and now thinks it has bitlocker enabled but its not, how possible is this scenario?
3.- On the BIOS i found that RAID option was enabled, can windows think that a RAID disk is a Bitlocker Encrypted disk?
The computer is a Dell Optiplex 3050 with Windows 10 Pro installed, how can i analyze the partition to actually try to recover the information? do you suggest to delete the mbr and recreate it using maybe TestDisk with kali linux?
( 6 months ago )
No, Bitlocker is not automatically enabled without some other setting enabling it.
If your domain settings do not enable this, and you're certain the user did not (or could not) enable this, then the issue is corruption on the drive which causes Windows to believe the drive is encrypted using Bitlocker.