none
How can we encrypt +2TB System partitions with Bitlocker? RRS feed

  • General discussion

  • Hello Everyone,

    I have just replaced a 1TB SSD in my laptop with a 4TB SSD. I have decrypted the 1TB first, backup, replace disk and restore from backup on the new 4TB drive. The restore function created 1TB MBR partition - identical to what I was having on the 1TB drive.

    Knowing the limitations of MBR disks, I have converted to GPT before extending the partition to 4TB. So far so good but... I am not able now to encrypt the partition with Bitlocker. I searched a lot on internet and finally I found that GPT (dynamic disks) are not supported by Bitlocker.

    Question: since +2TB drives are now used on a large scale and since laptops should be protected using encryption, what is Microsoft doing to support these needs?

    Let me tell you something about MBR not supporting +2TB partitions... my desktop has one MBR data partition of 10TB (Bites Per Physical Sector: 4096) defined over a HW RAID 1, encrypted with Bitlocker. And I can access all data with no problems. On the same machine I have another partition of 8TB, same MBR (Bites Per Physical Sector: 512), no RAID, also encrypted with BitLocker.
    Considering all the above, why do I see MBR limitations to 2TB everywhere?!

    My concern: I will restore my 1TB again to the new 4TB, I won't convert to GPT but keeping MBR to support Bitlocker. I will use Diskpart to expand the 1TB partition to 4TB, then I will encrypt it... Would this setup will be able to boot?
    Keep in mind I am talking about a system MBR partition now, not a data MBR partition.

    Any thoughts are welcome / Thanks in advance for your support!

    George Costache
    --former Microsoft AD PFE--


    George Costache

    Wednesday, December 12, 2018 3:43 PM

All replies

  • Hi,

     

    According to my research, BitLocker can encrypt data driver and when it encrypts operation system driver, it will create a system reserved partition.

     

    BitLocker has no restrictions on the size of the encrypted driver. Based on your situation, encrypting 4TB System partitions with BitLocker takes at least 72 hours.

     

    Best Regards


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 13, 2018 7:36 AM
    Moderator
  • Hi,

    Was your issue solved?

    If yes, would you like to share your solution in order that other community members could find the helpful reply quickly.

    If no, please reply and tell us the current situation in order to provide further help.

    Best


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 17, 2018 12:41 PM
    Moderator
  • GPT does not mean the disk is dynamic. Dynamic disks are unsupported, GPT disks are supported.

    Please give me an idea what the error message is when you try to encrypt the drive.

    Monday, December 17, 2018 7:51 PM
  • Any update?


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Wednesday, December 19, 2018 7:42 AM
    Moderator