question

spinlock-8600 avatar image
0 Votes"
spinlock-8600 asked Miles-MSFT commented

Win10 Workstation: Can not enable BItlocker on System/Fixed drives

Installed Windows 10 Workstation 20H2, 19042.985 1 week ago on a virgin 2TB SSD on a motherboard with hardware TPM module.

Windows installation, only asking me to select the drive(which had no partitions at the time), installed the following:
partition 1: 100 MB "(EFI System Partition)"
partition 2: 1907.13GB "( Boot, Page File, Crash Dump)"
partition 3: 499MB "Recovery Partition"

I then mirrored the system partition on a second SSD. NOTE: Windows would no let me mirror the EFI partition or the Recovery partition, when I right-click them "Help" is the only option. My current system allowed me to mirror all partitions on same setup(2 - 2TB SSDs) and Windows install did not break up the support partitions in this weird way.!

I then tried to turn on Bitlocker on C:, but it fails simply saying "The drive cannot be encrypted."

In my research, I found that Bitlocker has specific partition requirements, like a free, 100MB minimum "Active Partition" with at least 50MB free. I cant mount the EFI or Recovery partitions because when I right-click, only option is "Help", so I have no way of knowing how much is free.

I am willing to reload Win10 to get everything, mirroring(all partitions) and Bitlocker, working, but want to know how to pre-partition so Win10 installer AND Bitlocker will be happy.

What pre-created partition sizes and types will allow Bitlocker and with mirroring(all partitions) of the system drive?

VERY IMPORTANT: Also, need to know exactly what type each partition must be. EFI is staright forward, I assume the system is a PRIMARY, but don't know what the Recovery partition would be, these are diskpart's choices:
EFI - Create an EFI system partition.
EXTENDED - Create an extended partition.
LOGICAL - Create a logical drive.
MSR - Create a Microsoft Reserved partition.
PRIMARY - Create a primary partition.

thanks!

windows-10-setup
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Miles-MSFT avatar image
0 Votes"
Miles-MSFT answered

Hi
Could you please take a screen shot of disk management ?
Bitlocker can only be adapted to OS disk and Data disk, it can not encrypt system partition or recovery partition.
The best method is to clean install using media creation tool. We could define partitions in windows PE..

In windows 10 , the only method of built-in mirroring is storage space.
You could refer to this link https://support.microsoft.com/en-us/windows/storage-spaces-in-windows-10-b6c8b540-b8d8-fb8a-e7ab-4a75ba11f9f2

Best regards
Miles

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

spinlock-8600 avatar image
0 Votes"
spinlock-8600 answered Miles-MSFT commented

Hi Miles,

The best method is to clean install using media creation tool.

As I said, that is what I did. The 2TB SSD I install onto had no partitions when I started.

the only method of built-in mirroring is storage space.

That is not true. You can right click on a standard partition in Disk Mgmt and you will get options to create mirror(if you have large enough free partition on some other drive). As you can tell from my screenshot, the "( Boot, Page File, Crash Dump)" partition is mirrored.![96776-systemdrives.jpg][1]


[1]: /answers/storage/attachments/96776-systemdrives.jpg

systemdrives.jpg (90.1 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi
Here is a similar link you could refer to https://www.tenforums.com/antivirus-firewalls-system-security/140264-cant-get-bitlocker-encrypt-c-drive.html about encrypting C, which may
be helpful to solve your problem.
With regard to mirroring all partitions of the system drive , we could only create (boot, page file ,crash dump ) partition , recovery partition could not be mirrored in Disk Mgmt by default.

0 Votes 0 ·