Page 1 of 1

Bitlocker and auto-unlock

PostPosted: Sat Dec 16, 2017 3:33 pm
by crawfish
I just read the KB article on Bitlocker, and I believe it says you can restore a "Type A" (unencrypted) system image to the same drive such that it will be re-encrypted during the restore, provided you unlock the system partition in TBWinRE before restoring. Is this correct? If so, that's great, because I've not been doing that, and I've had to re-encrypt after the restore inside Windows. What I'm also wondering is the effect it has on auto-unlock, which gets messed when one re-encrypts as described here, along with a cumbersome fix:

https://www.mcbsys.com/blog/2010/08/re- ... e-restore/

Is this problem avoided by unlocking the system partition in TBWinRE before restoring? Would my auto-unlock partitions work normally when I reboot after the restore?

Re: Bitlocker and auto-unlock

PostPosted: Sun Dec 17, 2017 12:11 am
by TeraByte Support(PP)
That's correct. In my tests with auto-unlock it still worked after restoring. However, if the restore isn't successful for some reason then you'd have to revert to what you've been doing (re-encrypt afterwards, etc.). In some cases, it may also help to use the "Write Changed Sectors Only" option when restoring to the unlocked partition.

Re: Bitlocker and auto-unlock

PostPosted: Sun Dec 17, 2017 5:29 am
by crawfish
That's awesome! It never occurred to me to unlock the system partition in TBWinRE before restoring.

Re: Bitlocker and auto-unlock

PostPosted: Sun Sep 09, 2018 2:20 pm
by crawfish
OK, I've just had reason to try restoring a Windows 10 system drive backup, and though I unlocked the destination system partition in WinRE, it restored unencrypted. Reviewing the KB article, I think this is what messed me up:

https://www.terabyteunlimited.com/kb/article.php?id=616

"Restoring an entire disk Type A backup image (e.g. a backup of the Windows disk taken using VSS) will result in the restored partition not being encrypted even if the encrypted destination partition was unlocked. You would need to enable BitLocker on the partition to encrypt it."

My question now is, should I have just restored "MBR 1" instead of the entire drive, which includes "System Reserved"? I have no idea what Windows does with System Reserved, so to be safe, it never occurred to me NOT to restore it. However, I just wanted to revert some ordinary application-level changes that didn't work out.

Re: Bitlocker and auto-unlock

PostPosted: Sun Sep 09, 2018 2:35 pm
by Brian K
If you restore an Entire Drive image then the previously encrypted partition will need to be re-encrypted. You must restore a partition and not the entire drive (although the partition image restored can be part of an Entire Drive image). It only works if you restore the Win10 image to the Win10 partition on the same HD. You already know you must restore to an unlocked partition.

Re: Bitlocker and auto-unlock

PostPosted: Sun Sep 09, 2018 2:53 pm
by crawfish
So just to be clear, not restoring the "System Reserved" partition is OK? Or should it be restored on a single partition basis, too?

Re: Bitlocker and auto-unlock

PostPosted: Sun Sep 09, 2018 3:21 pm
by Brian K
crawfish wrote:
> So just to be clear, not restoring the "System Reserved"
> partition is OK?

Sure. In general there is no need to restore this partition when you are restoring the Win10 partition to the same HD. When you restore the Win10 partition remember it is NOT the Active partition so don't set it Active.

Re: Bitlocker and auto-unlock

PostPosted: Mon Sep 10, 2018 1:02 pm
by crawfish
Got it, thanks.