2
I have two HP ProBook 6560b laptops, with one running Windows 7 Enterprise with BitLocker enabled. I am trying to test the scenario where one BitLocker-protected machine dies completely (i.e. perhaps motherboard failure), so I am just moving the encrypted hard drive to the exact same model laptop. This is all fine, I can decrypt the hard drive with my recovery key.
However, as soon as the I've typed the recovery key in the machine blue screens. If I put the HDD back in the original machine it works fine. I am currently using TPM only as the authentication means to BitLocker.
Blue Screen details: KERNEL_DATA_INPAGE_ERROR 0x0000007a pci.sys
My understanding is that you are able to move around a BitLocker-protected drive, as long as you know the recovery key and put the drive in a relatively similar machine. I've tried repairing the Windows installation, booting into safe mode etc but no luck.
Thanks in advance.
Aaron Fahey
Posted 2017-01-19T02:07:22.877
Reputation: 153
"My understanding is that you are able to move around a BitLocker-protected drive, as long as you know the recovery key and put the drive in a relatively similar machine." -- only true if it doesn't come from a system with a TPM – Ramhound – 2017-01-19T02:19:44.160
Do you know of any way whereby I can mount the device and decrypt it? This scenario I'm testing is TPM only – Aaron Fahey – 2017-01-19T02:26:00.153
Decrypt it on the PC with the TPM. – Ramhound – 2017-01-19T02:26:40.323
They both have TPM, say drive A is married to machine A. I want to put drive A in machine B, because machine A died. Is this possible? – Aaron Fahey – 2017-01-19T02:30:09.523
1I just reviewed Windows Internals 6th edition, and it doesn't address this precise scenario - but it does say that the recovery key should work to decrypt the drive if you attach it as an additional drive to an existing machine. – dsolimano – 2017-01-19T16:51:34.670
@dsolimano I will trying this today, thanks. – Aaron Fahey – 2017-01-19T18:49:53.917