I want to create a w10 bootable usb from a pc with bitlocker enabled. Everytime I plug an usb drive pc asks me if I want to encrypt the drive etc. When I have tried to create a bootable I receive the message "media is write protected" or something similar. Is there a way to create bootable usb with bitlocker enabled? I've disabled via "regedit" the automatic encryption but it not works.
-
It's a different problem, in my case when the tool (i.e. rufus) unplug and plug again the usb drive it becomes "write protected"..– Manuel CastroCommented Nov 22, 2019 at 13:41
-
Say no to encryption when asked.– user931000Commented Nov 22, 2019 at 14:01
-
yep i did it and initially it works, as far I can understand at a certain momenti it "reboot" the usb and then it cannot write on it anymore.– Manuel CastroCommented Nov 22, 2019 at 14:08
-
@ManuelCastro You're overthinking it and you apparently don't know a few things you should for the task you intend. Just open disk management and remove the encrypted partition. If need be create a new FAT32 one. Rufus shouldn't care what 's in it anywe, as long it's not locked.– user931000Commented Nov 22, 2019 at 17:38
1 Answer
By default, BitLocker protection is required for a computer to be able to write data to a removable data drive. Removable data drives that are not BitLocker-protected will be mounted as read-only. Only if the drive is protected by BitLocker, it will be mounted with read and write access permissions.
This policy may be disabled as follows:
- Run the Local Group Policy Editor (gpedit.msc)
- Navigate to:
Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives - Double-click to edit "Deny write access to removable drives not protected by BitLocker policy"
- Click Disable and OK.
This option should have been Off by default. If this is a work computer, where it is set by the administrator, you may not be able to disable it.
An alternative way is by registry changes:
Enabling read-write access
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FVE]
"RDVDenyWriteAccess"=dword:00000000
Disabling read-write access
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\FVE]
"RDVDenyWriteAccess"=dword:00000001
For a work computer: This is possibly a breach in the security policy of your company. Use at your own risk.