Sign in with
Sign up | Sign in
Your question

Can't Encrypt Additional Partition with BitLocker

Last response: in Windows 7
Share
September 28, 2011 6:21:28 PM

My setup: Windows 7 Ultimate x64 on ThinkPad T510. 1HD, two partitions (C and D).

I just reinstalled my system and encrypted C; however, there is absolutely no option to encrypt D. I've tried accessing the drive from admin account and still nothing. When I open BitLocker management, it only lists partition C and not D.

Here is some additional information that might or might not matter: I tried to restore my Windows 7 from an Acronis image and it was unsuccessful. Tried it twice and during booting POST showed two different W7s installed, which was incorrect. When I finally installed Windows 7 from scratch, the extra W7s were still appearing before startup and I had to use EasyBCD to remove them. Now when I am trying to backup partition C, Acronis says that my System Reserved Partition (SRP) is on partition D. My hunch is that Acronis messed up my drive D when I was trying to restore my C partition. Then when I did a fresh Windows 7 install, the SRP incorrectly ended up in D and since SRP cannot be encrypted, that means that my entire drive D can’t be encrypted either.


Can that really be the case? If so, what is the quickest solution? I am dreading about going through formatting my 750GB HD and installing Windows 7 and encrypting it yet again. I read somewhere that you can use software like Acronis Disk Manager to move the SRP to drive C, but I am not sure how this will work because when I open the native winodws Disk Management, I don’t see SRP there. So I’m stuck and don’t want to format my HD if what I think is the problem is in fact not the problem.
September 29, 2011 12:56:33 AM

What encryption software are you useing?
m
0
l
September 29, 2011 1:15:11 AM

starzty said:
What encryption software are you useing?


???

BitLocker, of course.
m
0
l
Related resources
September 29, 2011 2:18:21 AM

You'd be surprised. I'll look into to it when I boot my Win7 machine tomorrow
m
0
l
September 29, 2011 8:38:04 AM

Ok, so I tried and few things and also read this guide: http://www.sevenforums.com/tutorials/119151-system-rese...

I found out that I do NOT have a separate System Reserved Partition. After I chose to reveal hidden and protected files, sure enough I saw the boot folder and bootmgr in my D drive. The problem is much more specific now: I created a 200mb "System Reserved" partition by shrinking partition D. I also went through great deal of trouble getting access to these hidden system files so I could delete them. Unfortunately, when I do startup repair, Windows ALWAYS puts the boot files back in D and never does anything with the manually created 200mb SRP. At this point I don't know what else to do. The only thing I can think of is to format everything except partition C (since installing my setup was the most time consuming part) and try startup recovery again. The catch is that I have to move about 500GB of data and it's not going to be fun if that solution doesn't work either. I am open to alternate solutions.
m
0
l
September 29, 2011 7:20:44 PM

Thanks to help from another forum, I resolved this problem. My boot files are now in SRP and I can now encrypt partition D with BitLocker. I’d like to give back to the community by writing a complete guide here because I haven’t seen a single guide that address this correctly.

For those with this same problem, the first thing you need to do is go to your Disk Management (type this in your Start address bar and click on “Create and format hard disk partitions” in the search results). In there, you must see System Reserved as one of your partitions. If it’s not there, then it is likely in one of your other partitions (except C). Now that you know the problem, you can apply this guide:

1. In Disk Management, right click on one of your partitions (except C), preferably the last one location on the HD that contains partition C, and select “Shrink Volume.”
2. For the “amount of space to shrink” enter 200MB (this is better than the native 100MB if you’re using BitLocker). Press Shrink
3. Right click on the newly created unallocated space and select “New simple volume”
4. Specify the volume size of 200, then select “Do not assign a drive letter”
5. Label the volume “System Reserved” and uncheck “Quick format.” Finish the process.
6. Right click on the newly created System Reserved and select “Mark Partition as Active”
7. Insert Windows 7 DVD or USB stick and make sure BIOS is set to boot from it
8. Once you boot from Windows 7 setup, select “Repair System” and then “Startup Repair”
9. Once that’s complete, remove the USB/DVD and restart
10. You’re done, but keep this in mind. Sometimes you need to run the repair three times before Windows can boot correctly, so don’t give up after it doesn’t work the first time. In fact, it probably won’t work after repairing just once.

If you were successful, BitLocker encryption will now be available for the drive you had issues with. This leaves the most annoying part – deleting the boot files from your file partition. If you want to do this, follow the steps below:

Enable the true Administrator account and log in. To enable:
1. Start-->Type cmd. In the results right click on CMD and Run as administrator
2. Type this command in CMD: net user administrator /active:yes

When you log off, Administrator account will be there. Log into it and follow through the rest of the steps below.

To delete the boot files, first make them visible:
Go to the partition where you think your boot files are, go to Organize-->Folder Options-->View. Here check “Show hidden files…” and uncheck “Hide protected operating system files.” Click OK. The boot files will now be visible.

To delete any of the boot files, you will need to right click on each file/folder and follow the steps below
1. Properties-->Security-->Advanced-->Owner-->Edit-->Select Administrator-->Ok
2. Properties-->Security-->Advanced-->Permissions-->Change Permissions-->Select Administrators, Check “Include inheritable…” and “Replace all child object…” (available only for folders)-->Ok
3. Properties-->Security-->Edit-->Highlight Administrators and give Full Control-->Ok

This is it. I’m not too happy about the time spent on this, but this was a good learning experience. This is why some people dislike Windows. I am waiting for that day when users won’t have to ever waste any time dealing with software issues. Maybe another decade or two.
m
0
l
February 2, 2012 6:27:27 AM

Youngster provided a great blue print of how to cure the bitlocker issue. I prefer to use PGP Whole Disk Encryption. Bit Locker has issues when used with 64bit w Windows 7 -- so many I use PGP! Thankful the issue was raised and some people still think about security.
m
0
l
February 2, 2012 6:28:21 AM

Oops didn't mean Youngster, but Excelsius provided a great blue print.
m
0
l
June 24, 2013 7:27:28 PM

I think it defeats the purpose of hiding something if you are putting it in plain sight. even if it is encrypted, would ask for a password/keypass and you can access/decrypt all your fave encrypted folders wherever they are hiding in the computer. it all depends on how you wanna use the application i think, and as for me, I used Vibosoft folder encryptor tool: http://www.vibosoft.com/folder-encryptor.html, which works greatly for my windows 7.
m
0
l
!