Skip to content

TechDirectArchive

Hands-on IT, Cloud, Security, Veeam & DevOps

  • Home
  • About
  • Advertise With US
  • Contact
  • Reviews
  • Toggle search form

Fast Boot Options: Fix specific Drive issue with BitLocker [MBAM]

Posted on 11/12/202424/06/2026 IT Expert By IT Expert No Comments on Fast Boot Options: Fix specific Drive issue with BitLocker [MBAM]
  1. Home
  2. Windows
  3. Fast Boot Options: Fix specific Drive issue with BitLocker [MBAM]
Data drive is locked by BitLocker and not OS drive Fastboot Option

Dell Fast Boot is a feature that minimizes the startup time of your system. It does this by bypassing certain POST (Power-On Self-Test) checks during boot. Depending on your Dell system model, you can configure it through the BIOS/UEFI firmware interface. In this article, we shall discuss “Fast Boot Options: Fix specific Drive issue with BitLocker [MBAM]”. Please, see how to fix Unable to find my BitLocker Recovery Key, How to deploy MBAM for BitLocker Administration, and how to “Fix MBAM Client Deployment is only supported on MBAM 2.5 SP1“.

BitLocker recovery is the process by which access to a BitLocker-protected drive can be restored if the drive doesn’t unlock using its default unlock mechanism.

Users often encounter issues when certain drives are locked, triggering BitLocker recovery mode unexpectedly. To resolve this irregular BitLocker prompt, ensure the device has the correct BIOS settings configured.

BitLocker recovry mode

You may want to see why is BitLocker unable to encrypt Removable Drives via MBAM. Also, see how to check if Microsoft BitLocker Administration and Monitoring is installed on Windows, and Understanding MBAM compliance state and error status.

BitLocker Recovery Prompt Scenarios

It’s crucial to identify the cause of a device entering BitLocker recovery mode as part of the recovery process and troubleshooting. Performing a root cause analysis helps pinpoint the issue and prevents it from happening again in the future.

This issue is as a result of external factors and not related to BitLocker/MBAM itself. Therefore, I will provide you with some known or common events that cause a device to enter BitLocker recovery mode when starting your Windows PC.

  • Entering the wrong PIN too many times
  • Turning off the support for reading the USB device in the pre-boot environment from the BIOS or UEFI firmware if using USB-based keys instead of a TPM
  • Having the CD or DVD drive before the hard drive in the BIOS boot order (common with virtual machines)
  • Docking or undocking a portable computer
  • Changes to the NTFS partition table on the disk
  • Changes to the boot manager
  • Using PXE boot
  • Turning off, disabling, deactivating, or clearing the TPM (Clearing TPM itself is not longer an issue starting with Windows 10/11 as discussed here: How to clear the TPM via the management console or Windows Defender Center App. Also, see Enable TPM: Determine if TPM is present.
  • TPM self-test failure
  • Upgrading the motherboard to a new one with a new TPM
  • Upgrading critical early startup components, such as a BIOS or UEFI firmware upgrade
  • Hiding the TPM from the operating system
  • Modifying the Platform Configuration Registers (PCRs) used by the TPM validation profile
  • Moving a BitLocker-protected drive into a new computer
  • On devices with TPM 1.2, changing the BIOS or firmware boot device order

Error “BitLocker Recovery Mode Prompt for Drive D:”

Actually, for this specific error, we have discussed a fix also in this guide “how to fix BitLocker always prompting for Recovery Key“, and Reasons for BitLocker Recovery Prompt: Query the number of BitLocker recovery request.

Having read the some common BitLocker Recovery Prompts discussed above, you will agree that taking a look at the Windows Event Viewer. You may want to see how to determine why an MBAM-protected device is non-compliant.

From the Enterprise Compliance Reports ‘Query MBAM to display the BitLocker Recovery report” as shown below or Email notifications for MBAM Enterprise and Compliance and Recovery Audit reports. You would notice that the device is non-complaint despite the operating system drive is. You may want to learn about the reporting field here ‘Microsoft BitLocker Administration and Monitoring Report Fields“.

Note: As you can see, TPM settings was not configured to only protect the OS drive. As we can se below, the OS volume is encrypted, but the data drive isn’t. I already know the reason or this as it is not related to TPM, else the OS volume will not be encrypted in the first place. But, I will urge you to verify this in the BIOS once more.

Dell has discussed this topic extensively. As such, please proceed with the recommendations in the next section to fix this issue. You may want to take a look at other solutions from DELL similar to the issue here “BIOS Settings to Allow PXE Boot on Dell Latitude Laptops“.

Non-complaint

Here is also an article on how to Force BitLocker Recovery: Perform BitLocker Recovery via the Self-Service Portal and Helpdesk, and how to install Nextcloud on Mac.

Note: For planned scenarios, such as a known hardware or firmware upgrades, initiating recovery can be avoided by temporarily suspending BitLocker protection. Suspending BitLocker leaves the drive fully encrypted, and the administrator can quickly resume BitLocker protection after the planned task is completed. Using suspend and resume also reseals the encryption key without requiring the entry of the recovery key.

Fix BitLocker Prompting Recovery Prompt for Data Drive

Note: Before proceed, ensure you have downloaded and installed the latest BIOS update available for your Windows PC. Since I am dealing with DELL specific devices, take a look at these. How to update the BIOS on your Dell system, “BitLocker Protection off: Update UEFI/BIOS to fix issues“, and BitLocker Windows Update Shutdown or Reboot option behavior.

Also, see how to use PowerShell to View and Change BIOS Settings, and Prevent OS Reinstallation: Change from legacy BIOS to UEFI.

You must check the requirements via the BIOS settings. To do this, the device must be restarted and F2 must be pressed during the boot process. Alternatively, the BIOS boot menu can also be called up with F12. Then select the “BIOS Setup” option.

Depending on the model, the “Thorough” option must also be activated in the “Pre-Boot Behavior” area under Fastboot. Otherwise, problems may arise when using docking stations.

DELL BIOS THOROUGH SETTINGS

Upon ensuring that the right BIOS settings are in place, BIOS/UEFI updates applied, and the device policy reapplied. You can see from he Computer Compliance Report that the device is complaint again as shown below.

Device is now complaint

FAQs

Why is my device not encrypting even though MBAM policies are applied?

If a device was manually encrypted or decrypted, the MBAM agent may incorrectly assume the drive is already compliant. As a result, the agent will not trigger a new encryption process.

How can I force re-encryption on a device with MBAM?

The most reliable method is to uninstall and reinstall the MBAM agent. Reinstallation resets the agent’s state, and upon the next policy refresh, MBAM will enforce encryption according to the configured policies. This actually depends on if you have manually decrypted and enabled BitLocker despite having the agent installed.

What happens after I reinstall the MBAM agent?

Once reinstalled, the MBAM agent checks the device’s encryption status. If the drive is not fully encrypted, the agent automatically initiates encryption based on the applied MBAM policies.

I hope you found this article very useful on “Fast Boot Options: Fix specific Drive issue with BitLocker [MBAM]”. Please feel free to leave a comment below.

5/5 - (1 vote)

Thank you for reading this post. Kindly share it with others.

  • Share on X (Opens in new window) X
  • Share on Reddit (Opens in new window) Reddit
  • Share on LinkedIn (Opens in new window) LinkedIn
  • Share on Facebook (Opens in new window) Facebook
  • Share on Pinterest (Opens in new window) Pinterest
  • Share on Tumblr (Opens in new window) Tumblr
  • Share on Telegram (Opens in new window) Telegram
  • Share on WhatsApp (Opens in new window) WhatsApp
  • Share on Mastodon (Opens in new window) Mastodon
  • Share on Bluesky (Opens in new window) Bluesky
  • Share on Threads (Opens in new window) Threads
  • Share on Nextdoor (Opens in new window) Nextdoor
Windows Tags:BIOS, UEFI, Windows 10, Windows 11

Post navigation

Previous Post: SSD TRIM: Delete files permanently without using the Recycle Bin
Next Post: Sign-in options for Windows: Ditch Password for Enhanced Security

Related Posts

  • Featured image 1
    How to enable or disable color filters in Windows Windows
  • ycx
    Install SysInternals from the Microsoft Store Windows
  • 1237968 3d79
    How to perform sysprep in Windows Windows
  • Featured post
    Installing Windows Subsystem for Android (WSA) Windows
  • Screenshot 2020 12 30 at 01.03.14
    Device cannot use a Trusted Platform Module: Allow BitLocker without a compatible TPM Windows
  • change keyboard layout windows 10 thumb800
    Prevent on-screen keyboard from starting automatically and from appearing at login Windows

More Related Articles

Featured image 1 How to enable or disable color filters in Windows Windows
ycx Install SysInternals from the Microsoft Store Windows
1237968 3d79 How to perform sysprep in Windows Windows
Featured post Installing Windows Subsystem for Android (WSA) Windows
Screenshot 2020 12 30 at 01.03.14 Device cannot use a Trusted Platform Module: Allow BitLocker without a compatible TPM Windows
change keyboard layout windows 10 thumb800 Prevent on-screen keyboard from starting automatically and from appearing at login Windows

Leave a Reply Cancel reply

You must be logged in to post a comment.

Microsoft MVP

VEEAMLEGEND

vexpert-badge-stars-5

Virtual Background

GoogleNews

Categories

veeaam100

Veeam Vanguard

  • Stop teams from auto start
    Prevent Microsoft Teams from starting automatically on Windows Windows
  • Secure Boot 2023 Compliance For Wds
    Secure Boot 2023 Compliance Across WinPE, MDT, WDS, and ADK: Boot Chain Alignment and PXE Validation [Final Part] Windows
  • Screenshot 2020 12 06 at 17.01.38
    Start Print Spooler Service: How to fix Print Spooler Service not running Windows
  • images 2
    How to disable power plan in Windows via GPO and Windows Settings Windows
  • WSUS Analysis and Initial Assessment
    Preliminary Guide for WSUS Analysis and Initial Assessment Windows Server
  • Norton Antivirus Free Download For Mac 1st
    How to fix repeated app-blocking connection alerts from Norton on Mac Mac
  • VMware Tech Showcase
    Great details on VMware Tech Showcase Virtualization
  • any
    Install AnyDesk on Windows for remote Connections Windows

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,789 other subscribers
  • RSS - Posts
  • RSS - Comments
  • About
  • Authors
  • Write for us
  • Advertise with us
  • General Terms and Conditions
  • Privacy policy
  • Feedly
  • Telegram
  • Youtube
  • Facebook
  • Instagram
  • LinkedIn
  • Tumblr
  • Pinterest
  • Twitter
  • mastodon

Tags

Active Directory Azure Bitlocker Microsoft Windows PowerShell WDS Windows 10 Windows 11 Windows Deployment Services Windows Server 2016

Copyright © 2025 TechDirectArchive

Loading Comments...

You must be logged in to post a comment.