Testing Bitlocker drive encryption

Early December, I attented a Microsoft training on Windows 8 (22688A) in a local training center. I had the opportunity to test Bitlocker in module 11.

In the lab we were first asked to encrypt the volume E: on the first computer named Computer01A

Get-BitLockerVolume

After encrypting the volume, we had to dismount the encrypted drive from the VM Computer01A and attach it to the second computer named LON-CL2.
We had to look at the recovery key that was stored in Active Directory and use it to unlock the drive mounted on a second computer named LON-CL2

I decided to use PowerShell to unlock the drive 😛

Let’s first look at the properties of the newly attched encrypted drive. We can see that it’s locked and what “key protectors” were used to encrypt it.

 Get-BitLockerVolume -MountPoint F: | fl *

Using the key stored in Active Directory, I did the following to unlock the drive:

 Unlock-BitLockerVolume -MountPoint F: -RecoveryPassword "036212-568502..."

As I had some spare time during the lab, I explored other bitlocker cmdlets.
I started first to disable bitlocker on the F: drive on the computer named LON-CL2 as it was previously unlocked.

 Disable-BitLockerVolume -MountPoint F:

Now, I wanted to be able to encrypt the drive and have its recovery key stored in Active Directory and I did:

Enable-Bitlocker -MountPoint F: -EncryptionMethod AES128 -UsedSpaceOnly:$true -RecoveryProtector

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s