BitLocker Post OS-Install - Boot & Partition Considerations

Posted: 11-26-2006, 11:02 PM
This post was written to help anyone trying to implement BitLocker without
having the required partition configuration.

During the initial Vista (6000) install I did not take the default
recommended partitions and part sizes. Chalk it up to inexperience. Anyway on
my laptop I created a single 40GB partition for the boot/system. After
discovering more about Vista, CBT first look, etc . . . I wanted to enable
the Bitlocker feature. My (DELL B130) does not have a TPM chip but MS has a
workaround using a USB key, easy enough.

The real discovery, and reason for this post, is to reveal some learned
changes in the bootloader and startup of Vista. Other Windows Live searches
resulted in some supporting information as well.

To create the partition requirements of the BitLocker feature, I used
(diskmgmt.msc now allows for) the "shrinking" partion on the fly feature.
With the newly freed space I created an (NTFS) 1.5GB partition and I made it
the active partition for the system. Next, to make the new 1.5GB active
partition "bootable" 2 files were required - c:\bootmgr and C:\Boot\BCD (need
to access this file while Vista is shutdown - locked during OS runtime). I
used WinPE for the BCD file copy.

That was it. Vista now had the required partition config for BitLocker and
is bootable. I followed the rest of the MS article for deployment of the BL
feature w/o TPM HW.

http://www.microsoft.com/technet/win...4d762cf31.mspx


It is working like a charm.

BitLocker Post OS-Install - Boot & Partition Considerations


Responses to "BitLocker Post OS-Install - Boot & Partition Considerations"

Josh
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 11-29-2006, 02:26 AM
Microsoft has a tool to convert partitions in the works....If you aren't in
a hurry it is probably better to wait...

--
Josh
http://windowsconnected.com
"Banquo" <Banquo@discussions.microsoft.com> wrote in message
news:AB1CE0D1-46DE-4A85-AC2B-B3188B540103@microsoft.com...
> This post was written to help anyone trying to implement BitLocker without
> having the required partition configuration.
>
> During the initial Vista (6000) install I did not take the default
> recommended partitions and part sizes. Chalk it up to inexperience. Anyway
> on
> my laptop I created a single 40GB partition for the boot/system. After
> discovering more about Vista, CBT first look, etc . . . I wanted to enable
> the Bitlocker feature. My (DELL B130) does not have a TPM chip but MS has
> a
> workaround using a USB key, easy enough.
>
> The real discovery, and reason for this post, is to reveal some learned
> changes in the bootloader and startup of Vista. Other Windows Live
> searches
> resulted in some supporting information as well.
>
> To create the partition requirements of the BitLocker feature, I used
> (diskmgmt.msc now allows for) the "shrinking" partion on the fly feature.
> With the newly freed space I created an (NTFS) 1.5GB partition and I made
> it
> the active partition for the system. Next, to make the new 1.5GB active
> partition "bootable" 2 files were required - c:\bootmgr and C:\Boot\BCD
> (need
> to access this file while Vista is shutdown - locked during OS runtime). I
> used WinPE for the BCD file copy.
>
> That was it. Vista now had the required partition config for BitLocker and
> is bootable. I followed the rest of the MS article for deployment of the
> BL
> feature w/o TPM HW.
>
> http://www.microsoft.com/technet/win...4d762cf31.mspx
>
>
> It is working like a charm.
Darrell Gorter[MSFT]
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 11-30-2006, 08:25 PM
Hello,
It assists with creating the bitlocker volume configuration on disks where
Windows Vista is already installed
Thanks,
Darrell Gorter[MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights

Josh
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 12-01-2006, 01:37 PM
Automates the conversion from a single partition setup to one that is
bitlocker capable.

--
Josh
http://windowsconnected.com
"banquo" <banquo@discussions.microsoft.com> wrote in message
news:1901979D-2793-4FC6-94BD-EE392690E672@microsoft.com...
> What does this partition coversion tool do that is new?
>
> "Josh" wrote:
>
>> Microsoft has a tool to convert partitions in the works....If you aren't
>> in
>> a hurry it is probably better to wait...
>>
>> --
>> Josh
>> http://windowsconnected.com
>> "Banquo" <Banquo@discussions.microsoft.com> wrote in message
>> news:AB1CE0D1-46DE-4A85-AC2B-B3188B540103@microsoft.com...
>> > This post was written to help anyone trying to implement BitLocker
>> > without
>> > having the required partition configuration.
>> >
>> > During the initial Vista (6000) install I did not take the default
>> > recommended partitions and part sizes. Chalk it up to inexperience.
>> > Anyway
>> > on
>> > my laptop I created a single 40GB partition for the boot/system. After
>> > discovering more about Vista, CBT first look, etc . . . I wanted to
>> > enable
>> > the Bitlocker feature. My (DELL B130) does not have a TPM chip but MS
>> > has
>> > a
>> > workaround using a USB key, easy enough.
>> >
>> > The real discovery, and reason for this post, is to reveal some learned
>> > changes in the bootloader and startup of Vista. Other Windows Live
>> > searches
>> > resulted in some supporting information as well.
>> >
>> > To create the partition requirements of the BitLocker feature, I used
>> > (diskmgmt.msc now allows for) the "shrinking" partion on the fly
>> > feature.
>> > With the newly freed space I created an (NTFS) 1.5GB partition and I
>> > made
>> > it
>> > the active partition for the system. Next, to make the new 1.5GB active
>> > partition "bootable" 2 files were required - c:\bootmgr and C:\Boot\BCD
>> > (need
>> > to access this file while Vista is shutdown - locked during OS
>> > runtime). I
>> > used WinPE for the BCD file copy.
>> >
>> > That was it. Vista now had the required partition config for BitLocker
>> > and
>> > is bootable. I followed the rest of the MS article for deployment of
>> > the
>> > BL
>> > feature w/o TPM HW.
>> >
>> > http://www.microsoft.com/technet/win...4d762cf31.mspx
>> >
>> >
>> > It is working like a charm.
>>
Jeff
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 12-01-2006, 04:29 PM
Nice,
be sure to let us know please.

Jeff

""Darrell Gorter[MSFT]"" <Darrellg@online.microsoft.com> wrote in message
news:8NzBi2LFHHA.2300@TK2MSFTNGHUB02.phx.gbl...
> Hello,
> It assists with creating the bitlocker volume configuration on disks where
> Windows Vista is already installed
> Thanks,
> Darrell Gorter[MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no rights
>
Jamie Hunter [MS]
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 12-06-2006, 09:01 PM
Per Josh, this is a really cool tool coming from the BitLocker Team (I'm now
on another project, so you'll probably be hearing less of me).

Reconfiguring a disk to get BitLocker working... without causing problems
later / rendering machine unbootable, requires a large number of steps a
number of which involves BCDEDIT. I'm amazed Banquo had success.

I really recommend holding out for the tool rather than trying to jump
through the reconfiguring hoops.
-
Jamie Hunter [MS]

"Josh" <josh@windowsconnected.com> wrote in message
news:6FB0E47B-0BCF-4B95-B446-393B60390198@microsoft.com...
> Automates the conversion from a single partition setup to one that is
> bitlocker capable.
>
> --
> Josh
> http://windowsconnected.com
> "banquo" <banquo@discussions.microsoft.com> wrote in message
> news:1901979D-2793-4FC6-94BD-EE392690E672@microsoft.com...
>> What does this partition coversion tool do that is new?
>>
>> "Josh" wrote:
>>
>>> Microsoft has a tool to convert partitions in the works....If you aren't
>>> in
>>> a hurry it is probably better to wait...
>>>
>>> --
>>> Josh
>>> http://windowsconnected.com
>>> "Banquo" <Banquo@discussions.microsoft.com> wrote in message
>>> news:AB1CE0D1-46DE-4A85-AC2B-B3188B540103@microsoft.com...
>>> > This post was written to help anyone trying to implement BitLocker
>>> > without
>>> > having the required partition configuration.
>>> >
>>> > During the initial Vista (6000) install I did not take the default
>>> > recommended partitions and part sizes. Chalk it up to inexperience.
>>> > Anyway
>>> > on
>>> > my laptop I created a single 40GB partition for the boot/system. After
>>> > discovering more about Vista, CBT first look, etc . . . I wanted to
>>> > enable
>>> > the Bitlocker feature. My (DELL B130) does not have a TPM chip but MS
>>> > has
>>> > a
>>> > workaround using a USB key, easy enough.
>>> >
>>> > The real discovery, and reason for this post, is to reveal some
>>> > learned
>>> > changes in the bootloader and startup of Vista. Other Windows Live
>>> > searches
>>> > resulted in some supporting information as well.
>>> >
>>> > To create the partition requirements of the BitLocker feature, I used
>>> > (diskmgmt.msc now allows for) the "shrinking" partion on the fly
>>> > feature.
>>> > With the newly freed space I created an (NTFS) 1.5GB partition and I
>>> > made
>>> > it
>>> > the active partition for the system. Next, to make the new 1.5GB
>>> > active
>>> > partition "bootable" 2 files were required - c:\bootmgr and
>>> > C:\Boot\BCD
>>> > (need
>>> > to access this file while Vista is shutdown - locked during OS
>>> > runtime). I
>>> > used WinPE for the BCD file copy.
>>> >
>>> > That was it. Vista now had the required partition config for BitLocker
>>> > and
>>> > is bootable. I followed the rest of the MS article for deployment of
>>> > the
>>> > BL
>>> > feature w/o TPM HW.
>>> >
>>> > http://www.microsoft.com/technet/win...4d762cf31.mspx
>>> >
>>> >
>>> > It is working like a charm.
>>>
>
Nevsky
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 02-01-2007, 03:14 AM
Do you know what the status of the tool is?

""Darrell Gorter[MSFT]"" wrote:
> Hello,
> It assists with creating the bitlocker volume configuration on disks where
> Windows Vista is already installed
> Thanks,
> Darrell Gorter[MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no rights
>
>
Paul Adare
Guest
Posts: n/a
 
Re: BitLocker Post OS-Install - Boot & Partition Considerations
Posted: 02-01-2007, 06:48 AM
In article <08B94FAA-A536-43EB-B656-
E81A6530721F@microsoft.com>, in the
microsoft.public.windows.vista.security news group, =?Utf-
8?B?TmV2c2t5?= <Nevsky@discussions.microsoft.com> says...
> Do you know what the status of the tool is?
If you're running Ultimate it is available as an Ultimate
Extra download. If you're running Enterprise it is
available through your SA/EA fulfillment.
>
> ""Darrell Gorter[MSFT]"" wrote:
>
> > Hello,
> > It assists with creating the bitlocker volume configuration on disks where
> > Windows Vista is already installed
> > Thanks,
> > Darrell Gorter[MSFT]
> >
> > This posting is provided "AS IS" with no warranties, and confers no rights
> >
> >
>
--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca
"The English language, complete with irony, satire, and
sarcasm, has survived for centuries without smileys. Only
the new crop of modern computer geeks finds it impossible
to detect a joke that is not clearly labeled as such."
Ray Shea
 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
ATI considerations Stephen Sobchuk Windows Vista Games 3 09-21-2006 04:35 AM
Post Install jlambert59 Windows Vista Install & Setup 2 06-30-2006 03:21 AM
network card issues post sp2 install tom Windows XP Configuration & Management 2 11-02-2004 06:59 PM
Device driver, post .Net install Gmon Windows XP Device Drivers 0 09-30-2003 06:15 AM
RDC using TZO considerations....need advice Steve Stewart Windows XP Work Remotely 2 08-28-2003 09:33 PM