EnableAutoUnlock method of the Win32_EncryptableVolume class

The EnableAutoUnlock method of the Win32_EncryptableVolume class allows a data volume to be automatically unlocked when the volume is mounted.

Automatic unlocking saves an external key to the operating system that can automatically unlock the volume onto the currently running operating system volume.

To use this method, the operating system volume must already be protected by BitLocker Drive Encryption or must have encryption in progress. In addition, there must already exist an external key for the data volume. Use ProtectKeyWithExternalKey to create the external key that can automatically unlock the volume.

Syntax

uint32 EnableAutoUnlock(
  [in] string VolumeKeyProtectorID
);

Parameters

VolumeKeyProtectorID [in]

Type: string

A string that identifies the key protector of the type "External Key" used to automatically unlock the volume.

Return value

Type: uint32

This method returns one of the following codes or another error code if it fails.

Return code/value Description
S_OK
0 (0x0)
The method was successful.
FVE_E_LOCKED_VOLUME
2150694912 (0x80310000)
The volume is locked.
FVE_E_NOT_ACTIVATED
2150694920 (0x80310008)
BitLocker is not enabled on the volume. Add a key protector to enable BitLocker.
E_INVALIDARG
2147942487 (0x80070057)
The VolumeKeyProtectorID parameter does not refer to a valid key protector of the type "External Key".
FVE_E_NOT_DATA_VOLUME
2150694937 (0x80310019)
The method cannot be run for the currently running operating system volume.
FVE_E_OS_NOT_PROTECTED
2150694944 (0x80310020)
The method cannot be run if the currently running operating system volume is not protected by BitLocker Drive Encryption or does not have encryption in progress.
FVE_E_VOLUME_BOUND_ALREADY
2150694943 (0x8031001F)
Automatic unlocking on the volume has previously been enabled.

 

Remarks

Given a valid volume key protector of the type "External Key", the related 256-bit external key is extracted from the protector and stored into the registry of the currently running operating system, along with the volume key protector ID.

If the external key associated with the volume key protector ID is deleted, the functionality to automatically unlock the volume is disabled or suspended.

Note

Removable media is not currently supported.

 

Managed Object Format (MOF) files contain the definitions for Windows Management Instrumentation (WMI) classes. MOF files are not installed as part of the Windows SDK. They are installed on the server when you add the associated role by using the Server Manager. For more information about MOF files, see Managed Object Format (MOF).

Requirements

Requirement Value
Minimum supported client
Windows Vista Enterprise, Windows Vista Ultimate [desktop apps only]
Minimum supported server
Windows Server 2008 [desktop apps only]
Namespace
Root\CIMV2\Security\MicrosoftVolumeEncryption
MOF
Win32_encryptablevolume.mof

See also

Win32_EncryptableVolume