If you’re trying to set up BitLocker for a drive but can’t, this article is for you. Sometimes while enabling BitLocker, you might see this error:
The BitLocker metadata for the encrypted drive is not valid. You can attempt to repair the drive to restore access.
Now you might be wondering what BitLocker metadata is. It is basically the container housing your BitLocker recovery key and password. If a drive is corrupted, the BitLocker metadata may be corrupted as well, and in that case the error message above is expected.
If you’re using BitLocker in an AD DS environment, note that there is a backup key package in addition to the recovery key and password (stored as metadata). With the default settings for AD DS backup, the key package is backed up to AD DS. So if a drive is corrupted and you can’t recover the BitLocker metadata, you can simply use the key package to decrypt the drive. For the key package to work, it must have the drive identifier for the corresponding drive.
To obtain the key package, you can go to AD DS and the BitLocker recovery key password viewer. Open Active Directory Users and Computers. Click on the container in which the computer is located. Right-click the computer object and choose Properties. On the property sheet, click on the BitLocker Recovery tab and you can get the BitLocker recovery password there.
To resolve this issue, try the following suggestions.
FIX: The BitLocker Metadata For The Encrypted Drive Is Not Valid
If the drive on which you’re setting up BitLocker is empty, try formatting it with the NTFS file system and see if you can set up BitLocker then.
If you’re getting this issue with an already encrypted drive, you can use the BitLocker Repair Tool (repair-bde) command-line tool to repair the drive and recover the encrypted data to another drive.
Once the data is recovered, you can format the original drive again with the NTFS file system and set up BitLocker again.
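The recovery path described above, from the AD DS key package to repair-bde, can be scripted. The following PowerShell is an added example, not code from the original article. It assumes the RSAT ActiveDirectory module, read access to BitLocker recovery information in AD DS, and placeholder values for the computer name, recovery password ID, drive letters and file paths.

```powershell
# Added example, not from the original article. All values in this first block
# are placeholders; it assumes the RSAT ActiveDirectory module and read access
# to BitLocker recovery information in AD DS.
Import-Module ActiveDirectory

$ComputerName = 'PC-EXAMPLE'                            # computer object in AD DS
$PasswordId   = '00000000-0000-0000-0000-000000000000'  # recovery password ID for the damaged drive
$DamagedDrive = 'E:'                                    # corrupted BitLocker volume
$OutputDrive  = 'F:'                                    # same size or larger; repair-bde overwrites it
$KeyPackage   = 'C:\Recovery\drive.kpg'                 # temporary key package file
$LogFile      = 'C:\Recovery\repair-bde.log'

$computer = Get-ADComputer -Identity $ComputerName

# Recovery data lives in msFVE-RecoveryInformation objects beneath the computer
# object. Select the entry whose recovery GUID matches the ID for this drive
# (assumption: that ID is how the right entry is chosen here).
$entry = Get-ADObject -SearchBase $computer.DistinguishedName `
        -Filter "objectClass -eq 'msFVE-RecoveryInformation'" `
        -Properties 'msFVE-RecoveryGuid', 'msFVE-RecoveryPassword', 'msFVE-KeyPackage' |
    Where-Object { [guid]$_.'msFVE-RecoveryGuid' -eq [guid]$PasswordId } |
    Select-Object -First 1

if (-not $entry) { throw "No recovery entry with ID $PasswordId under $ComputerName." }
if (-not $entry.'msFVE-KeyPackage') { throw 'This entry has no key package backed up to AD DS.' }

try {
    # The key package is stored as raw bytes; repair-bde reads it from a file.
    [System.IO.File]::WriteAllBytes($KeyPackage, [byte[]]$entry.'msFVE-KeyPackage')

    # Decrypt the damaged volume onto the output drive with the key package
    # and the matching recovery password.
    & repair-bde.exe $DamagedDrive $OutputDrive -KeyPackage $KeyPackage `
        -RecoveryPassword $entry.'msFVE-RecoveryPassword' -LogFile $LogFile
    if ($LASTEXITCODE -ne 0) { throw "repair-bde failed (exit code $LASTEXITCODE); see $LogFile." }
}
finally {
    # The key package is key material: do not leave it on disk.
    Remove-Item -LiteralPath $KeyPackage -Force -ErrorAction SilentlyContinue
}
```

Run it from an elevated prompt, and check the recovered files on the output drive before formatting the original drive.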
That’s it!