Lenovo ThinkCentre E93 (English) Rescue and Recovery 4.3 Deployment Guide - Page 22

Best practice of BitLocker encryption on a system with the Rescue and Recovery program

Get Lenovo ThinkCentre E93 PDF manuals and user guides View all Lenovo ThinkCentre E93 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 22 highlights

2. Click Computer Configuration → Windows Components → BitLocker Drive Encryption → Operating System Drives. 3. Enable the Require additional authentication at startup option 4. Select the option Allow BitLocker without a compatible TPM. Best practice of BitLocker encryption on a system with the Rescue and Recovery program To have the Rescue and Recovery program work correctly with BitLocker in Windows 7, the best practice is: 1. Uninstall the Rescue and Recovery program if it has been installed. 2. Restart the computer and use the BitLocker Drive Preparation Tool to prepare the system for BitLocker Drive Encryption. 3. Install the Rescue and Recovery program and restart the computer. 4. Start BitLocker from Control Panel and choose the partition to encrypt. Note: It is recommended to encrypt the Windows operating system partition (usually drive C) only. 5. Click Turn on BitLocker, and follow the instruction on the screen to encrypt the chosen partition. After that, a recovery key is automatically created. 6. Save the recovery key to a USB storage device. Note: Keep the USB storage device in a secured place. The recovery key is needed when booting to Windows 7 or the Rescue and Recovery workspace. The BitLocker encryption will be lost if the hard disk drive is cleared by the Diskpart commands or other hard disk tools. 7. Wait until the encryption process completes. After that, you can use the Rescue and Recovery program to perform backup and restore operations. For more information about BitLocker, go to the Microsoft Web site at: http://support.microsoft.com/kb/933246/ Notes: 1. When setting up BitLocker in Windows 7, the BitLocker partition should be after the Windows operating system partition for best results. If it is placed before the Windows operating system partition, the partition number will need to be updated in the Rescue and Recovery ADM settings. 2. When restoring a system that is using Windows 7 and BitLocker, a message will display, indicating that there was an error at shutdown. The message can be ignored and everything should operate normally. 3. For OEM or non-Lenovo standard preload systems, you need to suspend the encryption of the Windows operating system partition when performing any backup or restore operations using the Rescue and Recovery program, otherwise the Rescue and Recovery program will not enter PDA. 4. You might need to clear the TPM and encrypt the partitions again after restoring the system from a backup with BitLocker encryption. 14 Rescue and Recovery 4.3 Deployment Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
2.
Click
Computer Configuration
Windows Components
BitLocker Drive
Encryption
Operating System Drives
.
3.
Enable the
Require additional authentication at startup
option
4.
Select the option
Allow BitLocker without a compatible TPM
.
Best practice of BitLocker encryption on a system with the
Rescue and Recovery program
To have the Rescue and Recovery program work correctly with BitLocker in
Windows 7, the best practice is:
1.
Uninstall the Rescue and Recovery program if it has been installed.
2.
Restart the computer and use the BitLocker Drive Preparation Tool to prepare
the system for BitLocker Drive Encryption.
3.
Install the Rescue and Recovery program and restart the computer.
4.
Start BitLocker from Control Panel and choose the partition to encrypt.
Note:
It is recommended to encrypt the Windows operating system partition
(usually drive C) only.
5.
Click
Turn on BitLocker
, and follow the instruction on the screen to encrypt
the chosen partition. After that, a recovery key is automatically created.
6.
Save the recovery key to a USB storage device.
Note:
Keep the USB storage device in a secured place. The recovery key is
needed when booting to Windows 7 or the Rescue and Recovery workspace.
The BitLocker encryption will be lost if the hard disk drive is cleared by the
Diskpart commands or other hard disk tools.
7.
Wait until the encryption process completes. After that, you can use the Rescue
and Recovery program to perform backup and restore operations.
For more information about BitLocker, go to the Microsoft Web site at:
Notes:
1.
When setting up BitLocker in Windows 7, the BitLocker partition should be
after the Windows operating system partition for best results. If it is placed
before the Windows operating system partition, the partition number will need
to be updated in the Rescue and Recovery ADM settings.
2.
When restoring a system that is using Windows 7 and BitLocker, a message
will display, indicating that there was an error at shutdown. The message can
be ignored and everything should operate normally.
3.
For OEM or non-Lenovo standard preload systems, you need to suspend the
encryption of the Windows operating system partition when performing any
backup or restore operations using the Rescue and Recovery program,
otherwise the Rescue and Recovery program will not enter PDA.
4.
You might need to clear the TPM and encrypt the partitions again after
restoring the system from a backup with BitLocker encryption.
14
Rescue and Recovery 4.3 Deployment Guide