Bruce and I are doing a double whammy tomorrow with him doing a Future of the Desktop Tour event in Ottawa and me in Quebec City. Sitting here in my hotel room in Quebec City reflecting on last week's two stops on the west coast - Vancouver and Calgary - wondering how a Quebec audience will take to an anglophone, I remember some questions I got on BitLocker last week.
As Bruce and I showed during the Vista Technical Overview session in the morning, BitLocker requires that you have two partitions on your hard disk in order to make it work. The first partition needs to be about 450MB in size and will hold the boot files. The second partition can be as big as the rest of the drive, hold all of your data including the Windows Vista operating system files, and will be encrypted in its entirety. A document on how to configure BitLocker can be found on the Windows Vista main page. Information on BitLocker can also be found on the BitLocker information page, where you can also get information on how to configure the Trusted Platform Module (TPM) services on your computer.
One of the folks that attended the tour in Vancouver sent me an email asking for more info on how to configure BitLocker on an existing system. Here is what he said:
Hello Bruce & Damir,
I really enjoyed the technet session that took place here in Vancouver, BC. What a turn out! I was hoping you would be able to direct me to a resource that would give me step-by-step instructions to “Enable Bitlocker on a Pre-Installed version of Vista”. I have been unable to locate these instructions anywhere on the net! At a minimal, could you please note the files that need to be copied over to the new partition via ‘command line?”
That is a good question, and one which is not addressed by the BitLocker information page on the Windows Vista web site. Luckily, the answer is quite straightforward. The process to enable BitLocker on an already-installed Windows Vista computer is:
- Boot from the Windows Vista DVD and modify your partition structure to shrink your existing partition by 450MB and create a new primary partition with that space, and make it the active partition. This is documented quite well in Scenario 1 of the BitLocker Step-By-Step Guide.
- For the Recovery Console command prompt on the new partition (we'll call it drive S and the existing Windows Vista partition drive C), create a diretcory called BOOT (MKDIR S:\BOOT).
- Copy the boot manager from the C drive to the S drive (XCOPY C:\BOOTMGR S:\ /H)
- Copy the contents of C:\BOOT to S:\BOOT including all subdirectories (XCOPY C:\BOOT S:\BOOT /CHERKY).
- Set the proper attributes on the S:\BOOT directory so that it is hidden and recognized as a system directory, as well as it's contents (ATTRIB +R+H+S S:\BOOT).
- Reboot the computer.
That's all there is to it. The key is to make sure that you set the S: drive as the active partition to allow Windows Vista to boot from it. Once you have booted from it, configure BitLocker as described in the BitLocker Step-By-Step Guide.
Another question that I got a few times over the weekend and also last week has to do with the installation of Microsoft Office 2007 on Windows XP. A few people indicated that when they install Office 2007 the installation goes through and then displays a message that it has failed. I have seen this a couple of times myself and am still not sure why it happens. The installation may have mostly succeeded but the last couple of steps need to be done again. To correct the problem:
- Make sure you are running the installation as an Administrator on your Windows XP machine.
- If the install fails, close the Office 2007 installation program.
- Run the Office 2007 setup program again and when prompted select the option to repair the installation. The second time through it should work fine.
Like I said, I had the same issue on one of my computers and this fixed it.
Now, time to practice my (very limited) French so that I can let the audience know that I really can't speak it......