first things first. I did not discover this method. It was blogged over here. However, it was written for Virtual PC and Virtual Server. I gave it try on Hyper-V and found that it works with little change to the steps mentioned in the original article. Here you go…
- Create a new Virtual Floppy Disk
This can be done by selecting New -> Floppy Disk under Action menu of Hyper-V Manager MMC - Create a new virtual machine with your preferred settings
- Start Windows 2008 or Vista (any flavor that supports BDE) install and follow the below partitioning layout. You need to run the below commands at command prompt. You can open a command prompt by pressing Shift+F10
diskpart
select disk 0
clean
create partition primary size=1500
assign letter=S
active
create partition primary
assign letter=C
exit
format c: /y /q /fs:NTFS
format s: /y /q /fs:NTFS
exit - After the install is complete just turnoff the new VM and edit it’s settings to attach the VFD created in step 1
- Reboot the guest and install BitLocker Drive Encryption feature using Server Manager
- Run gpedit.msc and go to Local Computer Policy, Computer Configuration, Administrative Templates, Windows Components and then BitLocker Drive Encryption
- Double click on Control Panel Setup: Enable advanced startup options, select Enabled and make sure Allow BitLocker without a compatible TPM is checked
- At the command prompt, format a:(This is required to make sure the manage-bde.wsf works fine)
- At the command prompt,
cscript c:\Windows\System32\manage-bde.wsf -on C: -rp -sk A: - This will prompt you to reboot your system to check if the virtual floppy (or A:) is accessible during reboot
- After the reboot, check BDE option under Control Panel -> Security to make sure BDE is enabled on C:
From now on, you need to have the VFD attached to the guest every time you reboot. Otherwise, BitLocker will prompt you for the recovery password.
Related Posts
