We came across a few machines during an in-place upgrade to Windows 10 1809 that failed to resume BitLocker once the upgrade had occurred.
We needed to identify which machines were affected, and we needed to remotely Resume bitlocker on those machines.
Identifying the machines in SQL
I came up with this SQL query that identifies the machines were the C:\ bitlocker status wasnt enabled:
select distinct HWS.DriveLetter0, HWS.ProtectionStatus0, SYS.Netbios_Name0
from v_GS_ENCRYPTABLE_VOLUME HWS INNER JOIN v_R_System SYS on HWS.ResourceID = SYS.ResourceID
where HWS.DriveLetter0 = 'C:' and HWS.ProtectionStatus0 = '0'
Resuming Bitlocker Remotely using PowerShell
verify its the machine in question
check that the BitLocker status is actually suspended
Manage-bde -status -cn LAPTOP123 C:
manage-bde -on C: -cn LAPTOP123