30
- September
2016
Posted By : Zeng Yinghua (Sandy)
How to manually enable Bitlocker on Hyper-V Gen 2 Virtual Machine

You can automatic enable Bitlocker on your Hyper-V Gen 2 virtual machine during OSD, please read Niall Brady’s post Here
But if you already install a Hyper-V Gen 2 virtual machine, and you want to enable bitlocker, you can do it manually. Here are the steps:

  1. Open cmd as administrator
  2. Set XTS-AES256 Engryption
    REG.exe add "HKLM\Software\Policies\Microsoft\FVE" /v "EncryptionMethod" /t REG_DWORD /d 7
  3. Allow enable bitlocker for no TPM chip
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseAdvancedStartup /t REG_DWORD /d 00000001 /f 
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v EnableBDEWithNoTPM /t REG_DWORD /d 00000001 /f 
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPM /t REG_DWORD /d 00000002 /f 
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMPIN /t REG_DWORD /d 00000002 /f 
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKEY /t REG_DWORD /d 00000002 /f 
    REG.exe ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKeyPIN /t REG_DWORD /d 00000002 /f
  4. Add recoverypassword
    manage-bde.exe -protectors -add C: -recoverypassword
  5. Enable bitlocker with password
    manage-bde -on C: -pw
  6. Create a password, you won’t see anything when you type it.
  7. Restart virtual machine, it will ask for your bitlocker password
  8. Check if you C drive has bitlocker enabled.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.