Title: Bitlocker encrypted USBs inaccessible on PCs with SecureDoc
Affected Version:
SecureDoc 8.6 SR1
Environment:
- BitLocker
Used Case Summary:
Once SecureDoc is installed, it removes specific registry values that prevent access to BitLocker encrypted USBs on systems with SD but the issues does not happen on systems without SecureDoc.
Workaround:
First make sure to restore the settings. Then:
1. Open Registry editor and switch to HKEY_CLASSES_ROOT\Drive\shell folder
2. Right-click it and select "Permissions"
3. Click "Advanced" button
4. Click "Disable inheritance" and choose first option ("Convert inherited permissions ...").
5. Double-click SYSTEM account, select "Deny" permission type
6. Click "Show advanced permissions" and uncheck all but Delete options.
7. Close all windows with OK
Recommendation:
Copy the reg file to the path specified in the script (in this case, C:\TEMP) and then run the PowerShell, it will import the registry and remove inheritance, and set deny on SYSTEM.
See attached script “BitLocker_Reg_Restore.zip”