Share via


Event ID 24615 — BitLocker Encryption and Decryption

Applies To: Windows Server 2008

Whenever the operating system or an application attempts to read from or write to a BitLocker-protected volume, the BitLocker filter driver must decrypt or encrypt data in real time, sector by sector. The filter driver writes event log information when it encounters problems, even if the problem is corrected with an automatic retry of the operation.

Event Details

Product: Windows Operating System
ID: 24615
Source: Microsoft-Windows-BitLocker-Driver
Version: 6.0
Symbolic Name: FVE_METADATA_CORRUPT_ERROR
Message: Metadata initial read: Primary metadata record on volume %2 could not be found. Volume needs recovery.

Resolve

Restart the computer and recover or repair the volume

In order to successfully unlock volumes protected with BitLocker Drive Encryption, BitLocker must be able to successfully read information about the volume and the encryption stored on the volume itself, called "volume metadata." Although data corruption can occur, it is rare. Data corruption can be caused by hardware failure or physical damage.

Note: If the BitLocker-protected volume is currently unlocked, we recommend copying any important data to a new volume before performing any of the following procedures.

In order to regain access to information stored on an encrypted volume if BitLocker is unable to read the volume metadata, try each of the following processes:

To perform these procedures, you must have membership in Administrators, or you must have been delegated the appropriate authority.

Restart the computer with a "cold boot"

To restart the computer with a "cold boot":

  1. If Windows is running, click Start, then choose Shut Down from the Power menu.
  2. Once the computer has completed shutting down, turn off the power if it has not automatically turned off.
  3. Turn on the computer.
  4. If the Recovery console appears, continue with the next procedure. Otherwise, log on to Windows and back up any important data.

Recover the drive with the Recovery console

To recover the drive with the Recovery console:

  1. At the BitLocker recovery prompt, follow the instructions to insert a USB flash drive containing the BitLocker recovery key for the volume, or type the BitLocker recovery password. (The sequence of prompts will vary according to the BitLocker keys that have been created for the volume.)
  2. If the recovery process successfully unlocks the volume, log on to Windows and back up any important data. If the recovery process is unable to unlock the volume, continue with the next procedure.

Use the BitLocker Repair Tool

Use the BitLocker Repair Tool to salvage any recoverable data.

Using the BitLocker Repair Tool is an advanced procedure that should be performed by an experienced administrator. For more information about using the BitLocker Repair Tool, see "How to use the BitLocker Repair Tool to help recover data from an encrypted volume in Windows Vista" in the Microsoft Knowledge Base at https://go.microsoft.com/fwlink/?LinkId=99556.

Caution: We strongly recommend that all important data be backed up regularly.

Verify

To verify the correct operation of BitLocker encryption and decryption, read data from and write data to an encrypted volume. The read and write should occur without error.

Caution: We strongly recommend that all important data be backed up regularly.

BitLocker Encryption and Decryption

Core Security