If you have considered running Bitlocker, Microsoft's drive encryption tool, but didn't want to bother with what it would take to setup your drives properly to support it, then you are in luck if you are running Windows Vista Ultimate edition or Enterprise edition Microsoft has made a tool just for you. The Bitlocker Drive Preparation Tool is designed to help convert your existing install of Windows Vista into a setup that supports Bitlocker drive encryption.
Windows Vista Ultimate users can get this utility today as an ultimate extra from the Windows Update control panel applet and if you are a Windows Vista Enterprise customer you can head over the premier website and look under the tools section https://premier.microsoft.com/troubleshoot.aspx?taid=tools or contact Microsoft customer support.
This tool will automatically create an S: drive that is 1.5 GB in size and move over the required boot files. This new partition become the active partition that begins the boot process. It will not be encrypted, only the operating system volume will be, so don't store any data on this partition. The reason for such a large amount of space is to support WinRE and Microsoft updates.
If you would like to change the drive letter you can manually run the tool using the following command line paramaters:
| Parameter | Description | Notes |
| [-?] [/?] | Help - Provides a brief description of the tool's purpose and parameters | |
| [-driveinfo] | Displays the drive letter, the total size, the maximum free space, and the partition characteristics | Only valid partitions are listed. Characteristics are noted only for WinRE, operating system, and unallocated partitions. |
| [-target {unallocated ¦ drive: {shrink ¦ merge}}] | Indicates the desired operation for target partition: create a new partition from unallocated disk space, split the target partition to create a new partition, or merge unallocated space with the target partition | Cannot merge unallocated spaced with the operating system partition. Unallocated space is not listed if four primary or extended partitions already exist. |
| [-newdriveletter] ¦ DriveLetter:] | Indicates the drive letter for the newly created partition | Letters A, B, and C are excluded. If no letter is indicated, the first available drive letter backward from S is applied. |
| [-size ¦ SizeInMegabytes] | Indicates the size in megabytes for the new partition | The minimum size is 1500 MB. At least 10 percent of the target partition must be free after the new partition is created. |
| [-quiet] | Suppresses confirmation text to avoid user interaction | |
| [-restart] | Restarts the system immediately after all operations are complete | Restarts immediately, regardless of open files or other users logged in. |
Example: BdeHdCfg.exe -target c: shrink -newdriveletter x: -size 1500 –quiet –restart
If you are running Windows Vista Ultimate after you have encrypted the drive don't forget to backup your recovery key using the Secure Online Key Backup utility located in the Control Panel. This will save a copy to your "digital locker" associated with your Passport/Live account.
If you are using Windows Vista Enterprise you should escrow the key to Active Directory (prefered) or to a secure file share.
If you have any questions about Bitlocker or this tool drop by our forums
Posted
Feb 22 2007, 06:55 PM
by
Josh Phillips
Follow Me on Twitter
Did you enjoy this article? If yes, then subscribe to our
or
