How can I do a Complete PC Restore from a BitLocker encrypted drive (Windows Vista)?

3

I'm running Windows Vista SP 2. My Windows OS drive is BitLocker encrypted. I have a Complete PC Backup of the OS drive on a secondary drive, also BitLocker encrypted. I want to replace the OS drive with a large one and then do a Complete PC Restore from the backup on the secondary BitLocker encrypted drive. What is the correct procedure to do this restore from the image on the BitLocker encrypted backup drive?

ne0sonic

Posted 2010-04-14T18:24:20.340

Reputation: 169

Answers

6

I had the same question, and this post was the closest thing that I could find to an answer so I went ahead and tried this over the weekend just to see what would happen.

I Bitlockered an external drive, created a system image and a recovery disc, booted into the disc and was prompted as part of the recovery process to unlock the Bitlockered drive. All in all it worked flawlessly without me having to type anything on the command line or really deviate from the normal recovery process.

You can find the details of my experiment here: http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/6cbc202b-094b-48ff-b4d6-486f3821c604

Shadowcat

Posted 2010-04-14T18:24:20.340

Reputation: 176

1

Wow, you don't make it easy!

I am not sure if there is an easier way of doing this; however, this is how I would accomplish it.

If you inserted the recovery disk, click Cancel to get out of Complete PC Restore and click Command Prompt.

For this to work, you need to know your recovery key. From within Windows, you can create a new one by using the BitLocker management tools.

To interact with a BitLocker encrypted drive from Windows PE, use the manage-bde.exe file located at %systemroot%\system32\

The command you want is

%systemroot%\system32\manage-bde.exe -unlock d: -RecoveryKey c:\blabla.bek

Where c:\ is your system drive, d: is the drive to unlock and c:\blabla.bek is that backup key file.

If you get an error message, then try entering the key in the following manner:

%systemroot%\system32\manage-bde.exe -unlock d: -rp [bunch of numbers without hyphens]

I would recommend that you put both the manage-bde.exe and the recovery key file on a USB flash drive or somewhere unencrypted so that you can easily use it.

Next, go back to the selection menu and you should be able to go back to Complete PC Restore and the drive should be readable.

William Hilsum

Posted 2010-04-14T18:24:20.340

Reputation: 111 572

I hope to give this a try today or tomorrow. I'll post whether or not I was successful. – ne0sonic – 2010-04-15T12:18:13.823
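
The unlock steps from William Hilsum's answer, collected into one batch script for the recovery environment's Command Prompt. This is an added example, not part of the original posts: it assumes manage-bde.exe is reachable as in the answer, and the script name, drive letter and key-file path are placeholders. It confirms the unlock by checking for the WindowsImageBackup folder that Complete PC Backup writes to the root of the backup volume.

```batch
@echo off
rem Added example, not from the original answer.
rem Usage: unlock-backup.cmd D: E:\recovery.bek
rem   %1 = BitLocker-protected backup volume (D: as in the answer)
rem   %2 = recovery key file kept on separate, unencrypted media
rem        (E:\recovery.bek is a hypothetical path)
setlocal
set "VOL=%~1"
set "KEY=%~2"
if "%VOL%"=="" (echo Usage: %~nx0 ^<volume:^> [keyfile.bek] & exit /b 2)

rem A locked volume cannot be listed, so a working dir means it is
rem already unlocked. This avoids parsing manage-bde's localized output.
dir "%VOL%\" >nul 2>&1 && goto :verify

rem First attempt: the external recovery key file (.bek).
if not "%KEY%"=="" if exist "%KEY%" (
    manage-bde.exe -unlock %VOL% -RecoveryKey "%KEY%"
)
dir "%VOL%\" >nul 2>&1 && goto :verify

rem Fallback: the numerical recovery password, typed at the prompt so it
rem is never written to a file; the variable is cleared right after use.
set /p "RP=Recovery password: "
manage-bde.exe -unlock %VOL% -RecoveryPassword %RP%
set "RP="
dir "%VOL%\" >nul 2>&1 && goto :verify

echo %VOL% is still locked. 1>&2
exit /b 1

:verify
rem Complete PC Backup stores its images under \WindowsImageBackup.
if exist "%VOL%\WindowsImageBackup\" (
    echo %VOL% is unlocked and contains a WindowsImageBackup folder.
    exit /b 0
)
echo %VOL% is unlocked but no WindowsImageBackup folder was found. 1>&2
exit /b 3
```

After it reports success, close the Command Prompt and return to Complete PC Restore; remove the media holding the key file once the restore has finished.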