Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, May 8, 2018 12:05 PM
Hi all,
We want to use Bitlocker encryption for our company Clients (Win10 Pro, 1607-1709). I am doing some testing with 2 clients and am facing the problem that I can encrypt my C: Drive but CAN'T encrypt the D: Drive (2nd Partition) with some Data files. I am using the Bitlocker Management console from Win10 to encrpyt. When I start it, it only lets me select my C: Drive. If I open the explorer - select the D: Drive and go to manage, Bitlocker is grayed out! I have no idea what is the problem...
I have two clients, a PC and Laptop, both Dell. Both are in the domain
PC: No TPM, Win10 1709. C is SSD and D HDD
Lap"margin-bottom:10.5px;padding-right:0px;padding-color:#333333;font-family:'Open Sans', Arial, sans-serif;font-size:16px;line-height:26px;word-wrap:break-word;clear:none;">
I've checked the following:
- No GPO Settings made that might prevent Bitlocker on other drives
- Drivers and Bios are Up2Date
- I have local Admin Rights
- I've manually created a 500MB partition on the D: Drive on my pc, no changes
Can someone help me out? I tried to search in google, but no one seems to have the same issue...
Thank you in advance.
All replies (7)
Tuesday, May 8, 2018 12:11 PM
Hi Michael_87,
I can see that your D-drive is used as the System partition, BitLocker cannot be used on the system partition.
You could create another partition and move the data there and try encrypting it with BitLocker.
Kind regards,
Leon
Don't forget to visit my blog The System Center Blog
Tuesday, May 8, 2018 12:23 PM
Hi Leon,
sorry but I am a bit inexperienced with deep partitioning in Windows OS. I am not sure why it is a system partiton and if it needs to be a system partition. It is only used as file partition. Is it possible to convert this partition to a non system partition? Because there is a lot of files on it and I would need to backup them to an external drive.
The way I remember is, I create D: via Windows installation setup.
Thank you
Tuesday, May 8, 2018 12:33 PM
Hi,
That's okay :-)
Have a look at this page:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-7/dd744347(v=ws.10)
Note: This link is for Windows 7, but the commands are/should be very similar in Windows 10.[
](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-7/dd744347(v=ws.10))
Kind regards,
Leon
Don't forget to visit my blog The System Center Blog
Tuesday, May 8, 2018 1:25 PM
Hi Leon,
thanks for the Link. I am not sure which command I should use now...
In the first place I don't understand which partition (in the example of my Notebook) should be the system partition. If the system partition can't be encrypted, it can't be C: or D: so left are System reserved and recovery partition. Where should the boot folder (system information) be stored?
Should I be using "bcdboot C:\Windows /s S:"? but what is then my system partion? Or do I just use "bcdboot C:\windows /s"?
Thank you in advance!
Tuesday, May 8, 2018 3:01 PM
Hi,
Easiest would probably be to:
- Shrink your D-drive.
- Create a new NTFS partition from the unallocated space
- Move your data to your new partition.
- Try enabling BitLocker on your new partition.
Kind regards,
Leon
Don't forget to visit my blog The System Center Blog
Tuesday, May 8, 2018 7:40 PM
Simplest way to do this is to actually just reformat, because the partition settings aren't done correctly..
You should have a C drive, and a hidden system partition to store the OS settings, it looks like you had that and used DiskPart to expand the System partition and use that as an active drive, which is a bad idea in itself..
There isn't really an easy way to go backwards, it would be easier to just backup and reinstall the OS.
That said,
You can take all the stuff off that drive, put it on an external,
Shrink the drive down, disassociate the drive letter,
Format a new partition called D or whatever you want to make it, and make it a GUID partition..
Then copy all the software back onto it, and BitLocker it after that..
Rob
Tuesday, May 8, 2018 8:01 PM | 1 vote
If reinstallation is possible for you, I would also recommend to just reinstall and get everything done correctly.
During the Windows installation, Windows should create all the partitions automatically and you shouldn't have to worry about anything else.
Kind regards,
Leon
Don't forget to visit my blog The System Center Blog