Not an IT pro? Windows Client. Sign in. United States English. Ask a question. Quick access. Search related threads. Remove From My Forums. Asked by:. Archived Forums. Sign in to vote. Thanks jawsurgeon. Wednesday, September 25, PM. Friday, September 27, PM. If the system requires a startup key then PINs must be disallowed and vice versa.
Having made the appropriate changes, click on Apply followed by OK to commit the changes. Open the BitLocker control panel as outlined above and click on the Turn on BitLocker link beneath the drive to be encrypted.
The resulting dialog will warn you that BitLocker Encryption decreases performance and provide the option to cancel the operation. To proceed, select Yes. The next screen to appear is the Set BitLocker startup preferences screen. The options provided on this screen will be governed by whether the host system has a TPM or not. The following figure shows the screen on a system without a TPM, and as such only provides the option to use BitLocker with a USB flash drive containing a startup key:.
Select the desired option to move to the next step. Next, the setup process will request that you save a recovery key. This will be required to unlock the system if BitLocker detects a problem with the integrity of the system typically if the data on the disk has been tampered with while the system was shutdown :. Do not save the recovery key on the same USB device as the startup key, but instead insert a different device.
It is recommended that multiple copies of the key be kept so it is also advised that the key be printed out and kept safely on file. Once the recovery password has been saved click Next to proceed. On the final screen, make sure the Run BitLocker system check toggle is set and click Continue to begin the encryption process.
The system will restart and begin the encryption process, indicated by a dialog with a progress bar. Once the encryption process is complete the startup key or PIN depending on the configuration settings will be required next time the system is started. The resulting screen will provide options to Duplicate the recovery password and Duplicate the startup key.
The recovery key may be written to a USB drive or to a folder. The startup key must be saved to a USB memory device. BitLocker Drive Encryption may be disabled on either a temporary or permanent basis. To turn off BitLocker and decrypt a system volume repeat the above steps, selecting Decrypt the volume when asked to specify the level of decryption. Jump to: navigation , search. Navigation menu Personal tools.
Namespaces Page Discussion. Views Read View source View history. This is achieved using the Server Manager. To access the Server Manager either open the Start menu and select server manager or click on the Server Manager icon in the task bar.
In the tree hierarchy located in the left hand panel of the Server Manager select the Features option. Once selected, the Server Manager will display the status of current feature configurations and provide options to add and remove features. The following figure illustrates the Server Manager in Features mode with no features currently installed:.
On the resulting Confirmation screen verify that you wish to enable BitLocker support by clicking on the Install button. The wizard will subsequently work through the installation process. The amount of time required to complete this task will vary depending on system speed. Overall progress can be tracked via the progress bar displayed on the Process screen. Upon Completion of the installation process it will be necessary to reboot the system to implement the change.
The restart can be triggered by clicking the You must restart this server to finish the installation link shown on the wizard's Results page. Alternatively, close the wizard and select the restart from the Start menu when it is convenient to do so. After the restart has completed the Add Features Wizard will restart and complete the final phases of the feature installation process.
Once completed, click on the Close button to exit from the wizard. BitLocker Drive Encryption requires that there be two partitions on the hard disk drive. The first partition is referred to as the system volume and contains the unencrypted boot information. The second partition is referred to as the operating system volume. This is the volume which will be encrypted and contains the operating system and user data. The system volume must be at least 1.
This volume can be created either by using unallocated space on a drive, taking space from an existing volume, or the boot files can be merged into an another existing volume other than the operating system volume. In order to ease the process of creating the system volume Microsoft provides a tool called the BitLocker Driver Preparation Tool.
This tool may be downloaded from the Microsoft website. The tool may either be run as a graphical tool or run from a command prompt with a variety of command-line options to perform the required task. To obtain a list of the command-line options available run the tool with the -? To obtain information about the existing disk drive configuration, run the BdeHdCfg.
0コメント