Jump to content
  • 0

Is DrivePool compatible with Bitlocker encryption?


kaphonius

Question

6 answers to this question

Recommended Posts

  • 0

You cannot encrypt the DrivePool drive, but you CAN encrypt the disks in the pool. 

 

The BitLocker setting that otispresley mentions is specifically for that purpose in fact.

 

 

However, you will need to unlock each disk before the pool will become available. And you'll have to do this each time you reboot. And the simplest way to accomplish this is to encrypt the system drive as well. That is the only way to automatically unlock the encrypted drives. And if you don't have a TPM module on your motherboard (95% chance that you don't, they're not standard).... then you'll need to use the password/usb drive method to encrypt/unlock the system.

Link to comment
Share on other sites

  • 0

There is supposed to be an "automatically unlock" option on non-system disks. But this option is only allowed when the system disk is also encrypted. That way, once the system boots, the system is completely readable and unlocked. 

Otherwise, you're stuck unlocking all the drives manually, every time the system boots.

 

 

http://windows.microsoft.com/en-US/windows7/How-do-I-use-the-unlock-options-in-BitLocker-Drive-Encryption

Check the "automatically unlock" option.

 

But to encrypt the system drive, you need a TPM module usually. Most consumer boards don't have this. But some higher end gaming boards do have a TPM header. Which you can then install a TPM module (buy off Amazon for like $25). Alternatively, you can disable the need for the TPM module, using a "secpol hack" Windows 8 uses a password, IIRC. But Windows 7 (and WHS2011) use a USB key to store the bitlocker information on). So during the boot process, you'd need to input a password, or make sure the USB flash drive is installed.

 

Here is the link for said "secpol hack":

http://www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/

Link to comment
Share on other sites

  • 0

You are very welcome.

 

It also helps that I've been looking into this a lot lately, and my next server motherboard will support a TPM module. :)

 

 

But don't forget, that either way, you will need that BitLocker_PoolPartUnlockDetect setting enabled for DrivePool. Either way, there is a wait period after boot before the non-system drives are unlocked.

 

 

If you have any other questions, don't hesitate to ask.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...