Testing Bitlocker drive encryption

Early December, I attented a Microsoft training on Windows 8 (22688A) in a local training center. I had the opportunity to test Bitlocker in module 11.

In the lab we were first asked to encrypt the volume E: on the first computer named Computer01A


After encrypting the volume, we had to dismount the encrypted drive from the VM Computer01A and attach it to the second computer named LON-CL2.
We had to look at the recovery key that was stored in Active Directory and use it to unlock the drive mounted on a second computer named LON-CL2

I decided to use PowerShell to unlock the drive 😛

Let’s first look at the properties of the newly attched encrypted drive. We can see that it’s locked and what “key protectors” were used to encrypt it.

 Get-BitLockerVolume -MountPoint F: | fl *

Using the key stored in Active Directory, I did the following to unlock the drive:

 Unlock-BitLockerVolume -MountPoint F: -RecoveryPassword "036212-568502..."

As I had some spare time during the lab, I explored other bitlocker cmdlets.
I started first to disable bitlocker on the F: drive on the computer named LON-CL2 as it was previously unlocked.

 Disable-BitLockerVolume -MountPoint F:

Now, I wanted to be able to encrypt the drive and have its recovery key stored in Active Directory and I did:

Enable-Bitlocker -MountPoint F: -EncryptionMethod AES128 -UsedSpaceOnly:$true -RecoveryProtector

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.