locked
How to replace internal hard drive with Bitlocker active? RRS feed

  • Question

  •  know this has been asked before, but so far I've not found a clear answer...

    I want to replace the internal hard drive in my Win 8 Enterprise notebook with an SSD.

    But Bitlocker is enable on the internal hard drive.

    Do I simply...

    1) Turn off Bitlocker (how?)

    2) Do a full backup (I use Acronis True Image Home 2013, which supports Windows 8)

    3) Replace the drive

    4) Restore the backup, using a bootable DVD created by Acronis

    5) Turn Bitlocker on again

    My concern is about steps 1 and 5. Doesn't the process of turning Bitlocker off (or on) require the entire hard drive to be decrypted (or encryted)? Or at least all the used space?

    My present hard drive is only 120 GB (70GB used) and the SSD will likely be only 256GB, so we're not dealing with huge data volumes. But is there any guestimate about how long this might take?

    Thanks!

    DC

    BTW: I tried to post this to the Windows 8 Security forum, but got the "Unexpected Error" problem

    Monday, January 21, 2013 4:12 PM

Answers

  • DadCat,

    You've almost got it right. Backups of a bitlocker volume are not encrypted. That means you don't need to disable bitlocker and can just back up the existing drive and restore to your SSD. Afterward you can re-enable bitlocker and it will encrypt the drive. It will take some time to encrypt the drive, but on an SSD it should go pretty quickly. I think 70GB on a typical hard drive would be a couple hours, so it should be less than that. Of course you can still use the computer while the encryption is running, so it's not like you are dead in the water, just slower.

    The following is not directed at you DadCat.

    <rant>

    Reinstall? That's the best answer people can give? Sheesh... At least try, people.

    Reinstalling a dev box with a lot of tools and third party sdk's and libraries can take forever. It's not like restoring photos of your cat.

    It seems like the only answers these days are: 1) update your bios, 2) contact your manufacturer, 3) reinstall, 4) dead silence or 5) random guess tangentially related to the question.

    </rant>

    • Marked as answer by Nicholas Li Monday, February 4, 2013 9:36 AM
    Thursday, January 24, 2013 5:16 PM

  • Hi,

    I also think it is recommended to perform a clean installation when changing the disk. After this you can restore the files from the old disk to the new one.

    To copy the files from the old disk to the new one, you need to turn off BitLocker on the drives of the old disk:

    Scenario 12: Turning Off BitLocker Drive Encryption (Windows 7)
    http://technet.microsoft.com/en-us/library/ee424315(v=ws.10).aspx

    Thanks.


    Nicholas Li
    TechNet Community Support

    • Marked as answer by Nicholas Li Monday, February 4, 2013 9:36 AM
    Thursday, January 24, 2013 9:12 AM
  • Hi,

    You should

    1. Backup all your relevant files, favourites, documents, etc... to external disk / media / cloud / CD / etc.

    2. Check that you have all the necessary CDs to reinstall all your software components and tools (Windows, Visual Studio, SQL, Service Packs, etc).

    3. Folow these instructions to decrypt all your volumes

    http://windows.microsoft.com/en-CA/windows-vista/What-is-the-difference-between-disabling-BitLocker-Drive-Encryption-and-decrypting-the-volume

    4. Run an image backup of your disk (Acronis, Norton Ghost, whatever) to an USB external disk or a similar media

    5. Restore this image to your new disk (you should typically boot from Acronis or Norton recovery disk)

    6. Check that you can safely boot and log to your computer with its new disk

    6. Re-encrypt your disk


    Sebastian Sajaroff Senior DBA Pharmacies Jean Coutu

    • Marked as answer by Nicholas Li Monday, February 4, 2013 9:36 AM
    Thursday, January 24, 2013 6:03 PM

All replies

  • Fastest and the most error proof way would be running a backup, re-installing OS and getting your data back from your backup.

    StarWind iSCSI SAN & NAS

    • Proposed as answer by Nicholas Li Thursday, January 24, 2013 3:59 AM
    Monday, January 21, 2013 4:19 PM
  • This is a dev system, and has probably 20+ dev tools installed on it, including SQL Server and Visual Studio, in addition to Office and other apps. Last time I "re-installed the OS" (and apps) it took almost 3 days.  So that's not an option.

    DC

    Monday, January 21, 2013 5:05 PM

  • Hi,

    I also think it is recommended to perform a clean installation when changing the disk. After this you can restore the files from the old disk to the new one.

    To copy the files from the old disk to the new one, you need to turn off BitLocker on the drives of the old disk:

    Scenario 12: Turning Off BitLocker Drive Encryption (Windows 7)
    http://technet.microsoft.com/en-us/library/ee424315(v=ws.10).aspx

    Thanks.


    Nicholas Li
    TechNet Community Support

    • Marked as answer by Nicholas Li Monday, February 4, 2013 9:36 AM
    Thursday, January 24, 2013 9:12 AM
  • DadCat,

    You've almost got it right. Backups of a bitlocker volume are not encrypted. That means you don't need to disable bitlocker and can just back up the existing drive and restore to your SSD. Afterward you can re-enable bitlocker and it will encrypt the drive. It will take some time to encrypt the drive, but on an SSD it should go pretty quickly. I think 70GB on a typical hard drive would be a couple hours, so it should be less than that. Of course you can still use the computer while the encryption is running, so it's not like you are dead in the water, just slower.

    The following is not directed at you DadCat.

    <rant>

    Reinstall? That's the best answer people can give? Sheesh... At least try, people.

    Reinstalling a dev box with a lot of tools and third party sdk's and libraries can take forever. It's not like restoring photos of your cat.

    It seems like the only answers these days are: 1) update your bios, 2) contact your manufacturer, 3) reinstall, 4) dead silence or 5) random guess tangentially related to the question.

    </rant>

    • Marked as answer by Nicholas Li Monday, February 4, 2013 9:36 AM
    Thursday, January 24, 2013 5:16 PM
  • Hi,

    You should

    1. Backup all your relevant files, favourites, documents, etc... to external disk / media / cloud / CD / etc.

    2. Check that you have all the necessary CDs to reinstall all your software components and tools (Windows, Visual Studio, SQL, Service Packs, etc).

    3. Folow these instructions to decrypt all your volumes

    http://windows.microsoft.com/en-CA/windows-vista/What-is-the-difference-between-disabling-BitLocker-Drive-Encryption-and-decrypting-the-volume

    4. Run an image backup of your disk (Acronis, Norton Ghost, whatever) to an USB external disk or a similar media

    5. Restore this image to your new disk (you should typically boot from Acronis or Norton recovery disk)

    6. Check that you can safely boot and log to your computer with its new disk

    6. Re-encrypt your disk


    Sebastian Sajaroff Senior DBA Pharmacies Jean Coutu

    • Marked as answer by Nicholas Li Monday, February 4, 2013 9:36 AM
    Thursday, January 24, 2013 6:03 PM