Bitlocker Drive Encryption allows encryption of Windows partitions and provides a secure startup process when in use with a TPM (a crypto chip on the motherboard). Windows "8" Beta provides
Used Disk Space Only option with allows for a much quicker encryption experience by only encrypting used blocks on the targeted volume.
Note: a Bitlocker compatible machine is required. See
Note: be sure to leave enough unpartitioned space for Windows
See other post “How to use Windows Boot Manager to boot Linux”
Create 2 primary NTFS-formatted partitions on the disk: one active, 1.5GB size minimum and another larger (all the rest for instance with a minimum of 8.5GB). The actice partition will be used to boot the machine and will
remain unencrypted while the latter will host Windows and will be encrypted when we activate Bitlocker.
You can use
diskpart to do this:
Install Windows on the largest NTFS partition.
See other post “How to use Windows Boot Manager to boot Linux”.
Because these instructions differ according to manufacturer and BIOS version, see instructions in your computer's manual or support website.
See BitLocker documentation, like
Install R2 into a .vhd on a second drive (multibay on a laptop) or partition using the WIM2VHD script. See
http://blogs.technet.com/keithcombs/archive/2009/06/17/automating-boot-from-vhd-os-installation.aspx for some information on that. The script when done dismounts the VHD.
This can be done using the GUI Disk Manager or via the command line with
From an elevated cmd consol:
Bcdboot <driveletter>:\windows for the location of the R2 mounted image. Bcdboot is part of the AIK installed in the WDT image.
Make sure to have a USB stick handy for storage of the recovery key.
Use the USB stick and the recovery password.
NOTE: If you are planning on running the Hyper-V role, most likely you’ll need to fix the BCD store. Use the “bcdedit /set hypervisorlaunchtype auto” command from an elevated cmd prompt.
EasyBCD 2.1.2 is a third party tool that allows you do dual-boot between Windows 7, Windows Vista, older versions of Windows such as XP & 2003, Linux, Ubuntu, BSD, and Mac OS X.
NOTE: you will not be able to access the volume encrypted with Bitlocker after this procedure. For most dual- or multi-boot scenarios, such as dev/test, this is fine.
Partition your hard disk in advance or shrink the OS volume after Windows installation like this
Make sure the empty partition is big enough for whatever you want to do with the other OS…
Install the other OS to partition 3to partition 3, but make sure that its boot files are also on partition 3! Most Linux OS distros will attempt to make changes to the MBR or install their own bootloader in partition 1, and use that to pass the boot process
off to Windows. This will break BitLocker because it invalidates the boot-time chain of trust. To be safe, just make sure that everything the other OS wants to do is pointed at partition #3.
Choose “Add New Entry” and click on the Linux tab, then add the appropriate entry for whatever you are installing.
The final result should look something like this:
Reboot to make sure it works, you should see a black and white menu that lets you choose which OS to boot during startup.
Boot into Windows and enable BitLocker as you normally would.