[Resolved] AMST-3083: In certain scenarios BitLocker key may not escrow immediately into the Console which might cause devices to lock

Version Identified

Windows Unified Agent 9.1+ and versions below 9.1.2.4

 

Identifier

AMST-3083

 

Symptoms

AirWatch has identified a potential issue with BitLocker in AirWatch 9.1 where the recovery password may not be stored in the AirWatch Console under certain conditions. The identified conditions include:

  • The device already sent all samples to AirWatch,
  • a new recovery key is generated on the device when it is offline and
  • the device is booted into BitLocker recovery mode due to a hardware or firmware change on the device.

If all three conditions are met, the device will boot into the recovery mode and the escrowed recovery key will not work. When this issue occurs and the device boots into the BitLocker recovery mode, the device cannot be unlocked using the recovery key and will need additional steps to unlock.

 

Workaround

 

Fix Versions

AirWatch 9.0.5+

AirWatch 9.1.2+

WITH

AirWatch Unified Agent 9.1.2.4

Note: Make sure to enable the Protection Agent Automatic Updates flag.

Have more questions? Submit a request

0 Comments

Article is closed for comments.