Add decrypt to the Bitlocker script

So I saw a post today ( followed by the link to a script that checks the bitlocker status of drive (, however I was wondering if a script could be made that will decrypt (manage-bde -off C: (drive letter)) if the drive reports back that it is encrypted. We have some PC’s that when they join the domain, for some reason, they start encrypting (even thought they do not show up in File Explorer as encrypted). I can run the manage-bde -off (drive letter) to start the decryption process without any issues. I hope that this explains what I am looking for. Thank you in advance.

Hello @phil.tukey,

We have forwarded your query to our development team. We will also create a support ticket for you to keep you updated.

Thank you.

Hi @phil.tukey

We’ll progress with your request and update you once it has been completed.

Thank you.


The Script to decrypt drive in Bitlocker is available in following link

please provide following details in script

RecoveryKey=“405658-268631-257433-019745-265023-067408-284086-217767” ##Enter the Recovery key
Drive=“E:” ##Enter the Drive you want to decrypt

While setting up the Bitlocker , Recovery Key will be saved as a text file ,


Run as System User.

Thank you.

Thank you for creating this script it will help me out.

Hi @phil.tukey

Please provide us your valuable feedback.

Thank You.

Deepthim, I have yet to try this out as bitlocker encryption only seems to happening once a computer joins our network for the first time As I do not have any computers joining our domain currently, I will not get an opportunity to try this. However once I do have a computer that joins the domain for the first time, I will be testing this and then will follow up with any feedback. Thanks again.