
We have HP desktop computers, all identical.

I set up BitLocker encryption on one; no partition was required and the computer was fully encrypted.

The second computer gave me a different result: BitLocker needed to partition and shrink the drive by 800MB. After that the computer was encrypted.

Disk Management shows the partition created for BitLocker on one computer, and no partition made on the other.

Why is BitLocker doing this? Requiring a partition on one computer and not on another?

Second Computer: Partition created - Fully Encrypted

First Computer: No Partition - Fully Encrypted

Max
  • Have you tried mounting the new partition to see what's there? It's NTFS, should be easy to mount (with `mountvol`, `diskpart`, or straight from Disk Management). – CBHacking Feb 26 '19 at 20:46
  • When BitLocker inspected the disk, it said it needed to allocate (in this case 852MB) of space for BitLocker to work. So, I would assume it probably has some BitLocker stuff in it. 1 out of the 4 computers didn't need this partition, even though all computers are identical in every way. I am scanning through the BIOS to see if there are some setting differences, but really would like a simple answer. – Max Feb 26 '19 at 20:52

1 Answer

I've never seen that behavior, and this is just a guess, but: BitLocker replaces the NTFS partition header (volume boot sector) with its own metadata, which contains the information needed to decrypt the disk (if a valid key is supplied), and also points to the "real" boot sector within the encrypted volume. The BitLocker metadata is also replicated across the volume in additional locations for redundancy, in space that NTFS marks as allocated but does not use for any files. As such, turning on BitLocker requires reserving some space on various parts of the partition, and it might be picky about what parts those changes are made to. It's possible that, for some reason, some of the changes that need to be made near the start of the volume could not be made (because files were currently in use), so BitLocker created a new partition from free space at the end of the volume and put some of its metadata there.

That doesn't explain it needing 852 MB, though; not sure what's up with that. The BL or NTFS volume metadata needs to fit on a boot sector, which is generally only 4 KB. I suppose it could be a copy of the NTFS Master File Table or something, but in that case I'd expect it to be encrypted too (and also the MFT needs to be accessed frequently, so putting it on a separate partition on the same physical storage doesn't make a lot of sense).

My other guess would be that it's additional OEM recovery / OS restore data, based both on the partition type and the approximate size. That doesn't make sense for one computer to have and the other not to, though, unless they were imaged differently (or the additional OEM / OS recovery data was deleted off one of them); I don't know how sure you are that the software / stored data on each machine is identical, vs. just the hardware and OS image.

CBHacking
  • These computers were factory refurbished units. They pretty much came with a fresh install of Windows 10 Pro, all same spec, same model etc. So what is normal here? A fresh install of Windows 10 on a formatted hard drive will not require an additional partition? Because 1 out of the 5 computers didn't need a partition. This is telling me the norm is BitLocker will partition your drive, and all 4 of the 5 computers have the exact same partition size made. I can try and do a fresh install of Windows 10 to see what BitLocker will do. – Max Feb 26 '19 at 21:49
  • I've probably only personally put BitLocker on about ten PCs (half of them Vista, and maybe only three Win10) myself, and they were definitely not identical. Vista required creating a new partition because its installer didn't create a separate bootloader partition by default (the EFI System partition is where the bootloader goes on modern systems). I don't think a single one of them (Vista through Win10) created a new partition like you show, though. – CBHacking Feb 27 '19 at 07:04
  • You may be right that OEM recovery / OS restore probably has something to do with it. I went ahead and reformatted the computer and installed Windows 10 Pro and enabled BitLocker; it encrypted the drive without requiring a partition. I will be doing this to the rest of the computers, just 'cause I don't like seeing that extra partition haha – Max Mar 01 '19 at 08:52
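
One way to check what the extra partition is, following the suggestions in the thread to inspect it and to compare the machines: this PowerShell script is an added example, not code from any poster, and it lists each partition's type and BitLocker state and reports where the Windows Recovery Environment image lives. It assumes an elevated session with the built-in Storage and BitLocker modules; the GUID table is a small subset of the well-known GPT partition types.

```powershell
# Added diagnostic example (not from the original thread).
# Run in an elevated PowerShell session on each machine and diff the output.

# Well-known GPT partition type GUIDs mapped to readable names (subset).
$gptTypes = @{
    '{c12a7328-f81f-11d2-ba4b-00a0c93ec93b}' = 'EFI System'
    '{e3c9e316-0b5c-4db8-817d-f92df00215ae}' = 'Microsoft Reserved'
    '{ebd0a0a2-b9e5-4433-87c0-68b6b72699c7}' = 'Basic Data'
    '{de94bba4-06d1-4d40-a16a-bfd50179d6ac}' = 'Windows Recovery'
}

# BitLocker state per mounted volume, keyed by mount point (e.g. "C:").
$bitlocker = @{}
Get-BitLockerVolume | ForEach-Object { $bitlocker[$_.MountPoint] = $_ }

# One row per partition, in on-disk order.
Get-Partition | Sort-Object DiskNumber, Offset | ForEach-Object {
    # DriveLetter is a NUL char when the partition has no letter assigned.
    $letter = "$($_.DriveLetter)".Trim([char]0)
    $mount  = if ($letter) { "${letter}:" } else { '' }
    $volume = if ($mount) { $bitlocker[$mount] } else { $null }

    # GptType is empty on MBR disks; fall back to the Type string there.
    $gpt  = "$($_.GptType)".ToLower()
    $kind = if ($gptTypes.ContainsKey($gpt)) { $gptTypes[$gpt] } else { $_.Type }

    [pscustomobject]@{
        Disk         = $_.DiskNumber
        Partition    = $_.PartitionNumber
        Kind         = $kind
        SizeMB       = [math]::Round($_.Size / 1MB)
        Mount        = $mount
        Protection   = if ($volume) { $volume.ProtectionStatus } else { 'n/a' }
        EncryptedPct = if ($volume) { $volume.EncryptionPercentage } else { 'n/a' }
    }
} | Format-Table -AutoSize

# Show whether WinRE is enabled and which disk/partition holds its image.
reagentc.exe /info
```

If the extra partition reports as `Windows Recovery` and `reagentc /info` points at it on one machine but at the OS partition on the other, the difference is in where the recovery image is stored rather than in the hardware.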