Manually enable Bitlocker on Hyper-V Gen 2 Virtual Machine

Yes, you can automatic enable Bitlocker on your Hyper-V Gen 2 virtual machine during OSD, please read Niall Brady’s post https://www.windows-noob.com/forums/topic/12608-how-can-i-enable-bitlocker-on-hyper-v-gen-2-virtual-machines-during-osd-using-system-center-2012-r2-configuration-manager/

But if you already install a Hyper-V Gen 2 virtual machine, and you want to enable bitlocker, you can do it manually.

Wait a sencond, why do I want bitlocker on my virtual machine? Well, I need to test how bitlocker effect Windows 10 InPlace Upgrade. sepecially when using bitlocker start up PIN. So in virtual machine, I can setup bitlocker start up password, and see does SCCM know how to suspend the bitlocker password and continue InPlace upgrade.

Here are the steps:

  1. Open cmd as administrator.
  2. Set AES-256 Engryption
    REG.exe add "HKLM\Software\Policies\Microsoft\FVE" /v "EncryptionMethod" /t REG_DWORD /d 2

     

  3. Allow enable bitlocker for no TPM chip
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseAdvancedStartup /t REG_DWORD /d 00000001 /f
    
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v EnableBDEWithNoTPM /t REG_DWORD /d 00000001 /f
    
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPM /t REG_DWORD /d 00000002 /f 
    
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMPIN /t REG_DWORD /d 00000002 /f
    
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKEY /t REG_DWORD /d 00000002 /f
    
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKeyPIN /t REG_DWORD /d 00000002 /f

    bitlocker1Set AES-256 and enable allow bitlocker without TPM

  4. Enable bitlocker with password
    manage-bde -on C: -pw

     

  5. Create a password, you won’t see anything when you type it.
    bitlocker2

    Enable bitlocker on C: Drive and create password

     

  6. Restart virtual machine, it will ask for your bitlocker password.
    bitlocker3
  7. Check if you C drive has bitlocker enabled.
    bitlocker4

Continue reading

#bitlocker, #windows10