Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How do I create the "system reserved" partition for use by Bitlocker?

17 Jun 2014   #1
snake2332

Win7 Ent 64-bit
 
 
How do I create the "system reserved" partition for use by Bitlocker?

Hi guys. First post here so take it easy on me, haha.

I installed Windows 7 Enterprise 64-bit edition on my new Lenovo laptop. I captured an image of my machine and deployed the image to several others. Now, we want to start using Bitlocker. However, there is no "system reserved" partition, you know, the 100MB one that Windows automatically creates during install. Turns out that Bitlocker NEEDS this partition.

I can manually create this partition, but I don't think it's useable by Bitlocker. Regardless, I tested this. I created the partition (200mb after shrinking primary partition), rebooted, and ran the manage-bde -status command. There is another drive listed but it's unusable.

Here is the output of that command:

Code:
 
Disk volumes that can be protected with
BitLocker Drive Encryption:
Volume D: [500GB]
[Data Volume]
    Size:                 465.76 GB
    BitLocker Version:    None
    Conversion Status:    Fully Decrypted
    Percentage Encrypted: 0%
    Encryption Method:    None
    Protection Status:    Protection Off
    Lock Status:          Unlocked
    Identification Field: None
    Automatic Unlock:     Disabled
    Key Protectors:       None Found
Volume . []
[Data Volume]
    Size:                 Unknown GB
    BitLocker Version:    None
    Conversion Status:    Fully Decrypted
    Percentage Encrypted: 0%
    Encryption Method:    None
    Protection Status:    Protection Off
    Lock Status:          Unlocked
    Identification Field: None
    Automatic Unlock:     Disabled
    Key Protectors:       None Found
Volume . []
[Data Volume]
    Size:                 Unknown GB
    BitLocker Version:    None
    Conversion Status:    Fully Decrypted
    Percentage Encrypted: 0%
    Encryption Method:    None
    Protection Status:    Protection Off
    Lock Status:          Unlocked
    Identification Field: None
    Automatic Unlock:     Disabled
    Key Protectors:       None Found
FYI, I have 3 disks in my machine:

Disk 0 = Samsung 840 EVO SSD in my Ultrabay, two partitions: 200mb system reserved & rest of space C:
Disk 1 = Whatever brand 500GB 7.2k RPM drive in main drive bay, one partition, drive D:
Disk 2 = Sandisk x110 SSD mSATA 256GB under the keyboard in mSATA slot, several partitions, Windows 8, no drive letters while booted into Win7 on disk 0.

I checked out the system reserved partition on another PC. It has a standard ID07 when viewing partition details in DISKPART. I was thinking it had a special ID to be marked as "system" or whatever, but I guess not. I do know that this partition is usually the first one created, so it starts at block 0 or whatever, but that shouldn't matter.

So now my predicament is that I don't want to have to reimage all of these machines.

Does Bitlocker truly require this other partition (I'm thinking YES), and if so, how can I create it manually and get it to actually work?

I am going to go check out the BCD fix from DriveImageXML. I remember it changing your BCD around to boot differently, so maybe I can make my manually created partition active and then run the BCD fix on it to make it bootable. I really have no idea and am not finding ANYTHING on the web about this. The only thing I keep finding over and over is how to create the partition manually BEFORE installing Windows, not after.

Thanks!


My System SpecsSystem Spec
17 Jun 2014   #2
Brink
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 

Hello Snake, and welcome to Seven Forums.

If you use the BitLocker wizard to encrypt the OS drive, then BitLocker will automatically create the System Reserved partition for you.

BitLocker Drive Encryption - Windows 7 Drive - Turn On or Off with no TPM

Hope this helps,
Shawn
My System SpecsSystem Spec
17 Jun 2014   #3
snake2332

Win7 Ent 64-bit
 
 

Quote   Quote: Originally Posted by Brink View Post
Hello Snake, and welcome to Seven Forums.

If you use the BitLocker wizard to encrypt the OS drive, then BitLocker will automatically create the System Reserved partition for you.

BitLocker Drive Encryption - Windows 7 Drive - Turn On or Off with no TPM

Hope this helps,
Shawn
Weird, I already replied to this, quoting you, but that reply isn't showing up.

Oh well, I'll just repeat what I said in that post while adding a couple screen shots.

Thanks for the reply. That is good to know that it will create that partition if needed. I should have mentioned in the OP, but I get an error when trying to enable bitlocker on drive C:

There are conflicting settings for recovery options. Contact your system admin. Backup to AD must be turned on or the use of data recovery agents enabed for recovery.

So I think something is set wrong in our group policy. I actually disable the group policy service because I don't agree with some of the setting changes, but we made a special policy just for me to try and automate the bitlocker process. I will insert screenshots of my registry to show my Bitlocker settings. Maybe someone can point me to which setting is causing the failure to encrypt C:. Thanks!


Attached Thumbnails
-bitlocker-regkeys1.jpg   -bitlocker-regkeys2.jpg  
My System SpecsSystem Spec
18 Jun 2014   #4
snake2332

Win7 Ent 64-bit
 
 

Brink was correct about it automatically creating the partition. I had 200MB of unallocated space and it still shrank my C: partition to make room for a 300MB system reserved one.

My problem was believing and relying on the output of the manage-bde -status command. It never did show my C: partition, yet I was able to Bitlock it no problem once the policy was set correctly. Yes, the error message was caused by incorrect policy settings. As soon as I change OSActiveDirectoryBackup to 1, the error doesn't occur. My Windows admin believes he has it set up correctly because it is set to not require AD backup. However, it appears to need it. Group Policy and MBAM 2.5 is more complicated than it needs to be, but we'll get it worked out eventually. For now, I'm encrypted with a static key instead of our desired dynamically-generated key.
My System SpecsSystem Spec
18 Jun 2014   #5
Brink
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 

Great news.
My System SpecsSystem Spec
Reply

 How do I create the "system reserved" partition for use by Bitlocker?




Thread Tools



Similar help and support threads for2: How do I create the "system reserved" partition for use by Bitlocker?
Thread Forum
Solved "System Reserved" - Options to Skip at installation or Create at 200MB Installation & Setup
Solved Both "System reserved" and "C" partition cloned to external HDD: boot? Installation & Setup
Solved Main drive partition reading as "System Reserved" partition General Discussion
Sugestion of Install with or whitout "system reserved partition" ? Installation & Setup

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:18 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App