When you install this tool, the tool adds an item to the
Start menu. To start the BitLocker Drive Preparation Tool, use one of the
following methods:
| • | Click Start, point to All
Programs, click Accessories, click System
Tools, click BitLocker, and then double-click
BitLocker Drive Preparation Tool. |
| • | Click Start, type
BitLocker in the Start Search text box,
and then click BitLocker Drive Preparation Tool in the
Programs list. |
After the tool finishes preparing the drive, you must restart
the computer. Then, you can use the Security item in Control Panel to enable
BitLocker.
Back to the top
How to prepare the hard disk for BitLocker Drive Encryption
To
encrypt drives and to verify boot integrity, BitLocker requires at least two
partitions. These two partitions make up a
split-load configuration. A split-load configuration separates the main
operating system partition from the active system partition from which the
computer starts.
The BitLocker Drive Preparation Tool automates the
following processes to make the computer ready for BitLocker:
| • | Creating the second volume that BitLocker
requires |
| • | Migrating the boot files to the new volume |
| • | Making the volume an active volume |
When the tool finishes, you must restart the computer to change
the system volume to the newly created volume. After you restart the computer,
the drive will be configured correctly for BitLocker. You may also have to
initialize the Trusted Platform Module (TPM) before you turn BitLocker on.
Back to the top
System requirements
To create a new partition or to merge unallocated space with an
existing partition, the target system must meet the following requirements:
| • | A genuine version of Windows Vista Ultimate, Windows Vista
Enterprise, or Windows Server 2008 must be installed. |
| • | The active partition must contain boot configuration data
and boot files. |
| • | The target partition must meet the following requirements:
| • | The partition must be on a simple disk that is
initialized for basic storage. | | • | The partition must be a primary partition. Extended
drives and logical drives are not supported. | | • | The partition must be formatted by using the NTFS file
system. | | • | The partition must not be compressed. | | • | The cluster size of the partition must be less than 4
KB or equal to 4 KB. | | • | The partition is not using software spanning, software
mirroring, or software RAID.
For more information, click the following
article number to view the article in the Microsoft Knowledge Base: 314343 (http://support.microsoft.com/kb/314343/)
Basic storage versus dynamic storage in Windows XP
Note This tool works correctly in hardware RAID
configurations. | | • | For a split operation, at least 10 percent of the
active partition must remain free after the partition size is reduced by 1.5
gigabytes (GB). | | • | For a merge operation, the partition's total capacity
must be at least 1.5 GB. Also, the partition must have at least 800 MB of free
disk space. |
|
| • | Before you run the BitLocker Drive Preparation Tool on a
Windows Server 2008-based computer, you must first install the BitLocker Drive
Encryption optional component. To do this, follow these steps:
| 1. | Click Start, click Control
Panel, and then double-click Programs and Features.
| | 2. | In Programs and Features, under
Tasks, click Turn Windows features on or off.
If the User Account Control dialog box appears, click
Continue. Or, provide administrator credentials. | | 3. | In the
Features
Summary
field, click AddFeatures, and
then select BitLocker Drive
Encryption.
| | 4. | Click Next, click
Install, click Close, and then click
Yes to restart the computer. |
|
The following chart shows the target system requirements.
Back to the top
Operational overview
Target system configurations
The BitLocker Drive Preparation Tool supports Windows Vista
Ultimate and Windows Vista
Enterprise. This tool successfully creates a split-load configuration
when the active state, the system state and the boot state are all assigned to
the same simple volume.
Default operational procedure
When the BitLocker Drive Preparation Tool starts, it tries to
create a split-load configuration by using the following methods, in order of
preference:
| • | Merge unallocated space with a type 0x7 Windows Recovery
(WinRE) partition |
| • | Create a new partition from unallocated space |
| • | Split an existing partition
Note The tool tries to split the current active partition. If this
action fails, the tool splits the largest available partition. |
| • | Merge unallocated space with the smallest suitable
partition |
Preferred order of operations
The following chart shows the preferred order of operations that
the BitLocker Drive Preparation Tool follows.
Back to the top
Command-line parameters
The BitLocker Drive Preparation Tool uses a simple set of
command-line parameters. These parameters make integration with enterprise
deployment tools more flexible. Enterprise deployment tools include Microsoft
Systems Management Server (SMS) and Microsoft Business Desktop Deployment
(BDD). The parameters also provide customized deployment options. The following
table lists the parameters. The parameters are not case-sensitive.
| Parameter | Description | Notes |
|---|
| [-?] [/?] | Help - Provides a brief description of the
tool's purpose and parameters | |
| [-driveinfo] | Displays the drive letter, the total
size, the maximum free space, and the partition characteristics | Only
valid partitions are listed. Characteristics are noted only for WinRE,
operating system, and unallocated partitions. |
| [-target {unallocated ¦ drive: {shrink ¦
merge}}] | Indicates the desired operation for target partition: create a
new partition from unallocated disk space, split the target partition to create
a new partition, or merge unallocated space with the target
partition | Cannot merge unallocated spaced with the operating system
partition. Unallocated space is not listed if four primary or extended
partitions already exist. |
| [-newdriveletter] ¦ DriveLetter:] | Indicates the drive
letter for the newly created partition | Letters A, B, and C are
excluded. If no letter is indicated, the first available drive letter backward
from S is applied. |
| [-size ¦ SizeInMegabytes] | Indicates the size in
megabytes for the new partition | The minimum size is 1500 MB. At least
10 percent of the target partition must be free after the new partition is
created. |
| [-quiet] | Suppresses confirmation text to avoid user
interaction | |
| [-restart] | Restarts the system immediately after all
operations are complete | Restarts immediately, regardless of open files
or other users logged in. |
Example scenario 1
The target system has a single partition. To prepare the computer
for BitLocker, you want to split the operating system partition. You want the
following conditions to be true:
| • | The size of the new partition is 1500 MB. |
| • | The new partition uses X for the drive letter. |
| • | During the operation, confirmation dialog boxes do not
appear. |
| • | The system restarts when the operation is
complete. |
To use these settings, run the following command at a command
prompt:
BdeHdCfg.exe -target c: shrink -newdriveletter x: -size 1500 -quiet -restart
Example scenario 2
The target system has more than one partition. To prepare the
computer for BitLocker, you want to merge unallocated space with an existing
partition. You want the following conditions to be true:
| • | During the operation, confirmation dialog boxes do not
appear. |
| • | The system restarts when the operation is
complete. |
To use these settings, run the following command at a command
prompt:
BdeHdCfg.exe -target d: merge -quiet -restart
Back to the top
A common problem
You may receive the following error message when you use the
BitLocker Drive Preparation Tool:
[E_BDECFG_NO_CANDIDATES]
The BitLocker Drive Preparation Tool
could not find a target system drive. You may need to manually prepare your
drive for BitLocker.
This error may occur in one of the following
scenarios.
Scenario 1: You do not have sufficient free disk space
At least 10 percent of the active partition must remain free after
the partition size is reduced by 1.5 gigabytes (GB). To resolve this error,
move files to another partition or delete files.
Scenario 2: The partition contains files that cannot be moved
The BitLocker Drive Preparation Tool may resize partitions to
prepare a hard disk for BitLocker. Occasionally, some unmovable files may
prevent the tool from defragmenting and resizing partitions. These files may
include any of the following items:
| • | Page files |
| • | Hibernation files (Hiberfil.sys) |
| • | The registry |
| • | NTFS metadata files. These files include the following
files and others:
| • | $mftmirr | | • | $secure | | • | $volume |
|
This issue may occur even if the operating system is newly
installed.
To work around this error, use one of the following
methods:
| • | Temporarily disable hibernation option and hard disk
paging. Then, use the Windows Preinstallation Environment to delete the
Hiberfil.sys file and the Pagefile.sys file. Restart the computer in Windows
Vista. Then, run the BitLocker Drive Preparation Tool again. |
| • | Reinstall Windows Vista. |
Back to the top
You receive one of the error messages when you run the BitLocker
Drive
Preparation tool on a Windows Server
2008-based
server
When you use the BitLocker Drive Preparation tool
on a Windows Server 2008-based server, you may receive one
of the following error messages:
The BitLocker Drive
Preparation Tool cannot be used in this version of Windows. Upgrade
Windows.
An unexpected error occurred while running the BitLocker Drive
Preparation Tool. You may have to manually prepare your drive for
BitLocker.
Note If you install the BitLocker Drive Preparation Tool from the MSU
package, you will see only the first error message in this topic. However, it
is possible that you copy the binary files from an earlier release of the
BitLocker Drive Preparation Tool. Then, you will see the second error message.
To resolve this issue, install the BitLocker Drive
Encryption optional component. To do this, follow these steps that are
mentioned in the "System requirements" section in this KB.
Back to the top
You receive an error message when you try to enable BitLocker Drive Encryption on an IBM portable computer
When
you try to enable BitLocker Drive Encryption on an IBM
portable computer that is running Windows Vista, you may receive the following
error message:
Insufficient disk space for BitLocker Drive
Encryption to encrypt the drive. Use disk maintenance tools to repair the disk
and try again.
To resolve this problem, follow these
steps.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/) How to back up and restore the registry in Windows
| 1. | Click Start , type
regedit in the Start Search box, and
then click regedit in the Programs
list. |
| 2. | Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management |
| 3. | Verify the data type of the PagingFiles registry entry. If
the data type is REG_SZ, follow these steps:
| a. | Note the value data for the PagingFiles registry
entry. | | b. | Back up the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management | | c. | Right-click PagingFiles, and then
click Delete. | | d. | Click Yes when you are
prompted. | | e. | On the Edit menu, point to
New, and then click Multi-String
Value. | | f. | Type PagingFiles, and then press
ENTER. | | g. | On the Edit menu, click
Modify. | | h. | In the Value data box, type the value
data that you noted in step 3a, and then click OK. | | i. | Exit Registry Editor. |
|
| 4. | Restart the computer. |
For more information about security for portable computers that
are running Windows Vista, visit the following Lenovo Web site:
The
third-party products that this article discusses are manufactured by companies
that are independent of Microsoft. Microsoft makes no warranty, implied or
otherwise, about the performance or reliability of these
products.
Microsoft provides third-party contact information to help you find technical
support. This contact information may change without notice. Microsoft does not
guarantee the accuracy of this third-party contact information.
Back to the top
