TechTalkz.com Logo Ask the Experts!

Go Back   TechTalkz.com Technology & Computer Troubleshooting Forums > Tech Support Archives > Microsoft > Windows Deployment

bit locker

Windows Deployment

 
 
Thread Tools Display Modes
Unread 28-11-2007, 12:23 PM   #1
wsms
Guest
 
Posts: n/a
bit locker

Through BDD2007 if I want to set up bit locker with a partition size of 2 GB
what is the best way to do this?
I have the understanding that the drive that will be used for bit locking
will have to be the active partition.
Is there a sample of the unattanded XML file or the configuration of the
database that could be used?



Sponsored Links
 
Unread 28-11-2007, 12:23 PM   #2
Ben Hunter (MS)
Guest
 
Posts: n/a
Re: bit locker

If you are using Lite Tocuh then BDD has built in functionalty to do
this have a look in the command reference here are some settings you
can apply:

BDEDriveLetter=S:
BDEDriveSize= 2000
BDEInstall=ProtectKeyWithTpmAndPin
BDEPin=123456789
BDERecoveryKey=TRUE
BDERecoveryPassword=TRUE
BDERequired=YES
BDEKeyLocation=\\NYC-AM-FIL-01\RecoveryKey\%ComputerName%


If you are using ZTI then you may want to create a custom action in
the task sequence that configures bitlocker during the state restore
phase.

Thanks,
Ben Hunter
http://blogs.technet.com/benhunter

 
Unread 28-11-2007, 12:23 PM   #3
wsms
Guest
 
Posts: n/a
Re: bit locker

During the rollout should I sepcify the settings in the ustom settings ini
file?

In the diskpart.txt I have this settings
------
select disk 0
clean
create partition primary size =2000
assign letter=S:
format fs=ntfs quick
create partition primary
assign letter=c:
active
exit
------

While the image is applied the drive letter is S. (Ichecked it in dos while
the image was applying to the drive.
After Vista comes up the drive letter truns to be drive letter "d"
I am using the install.wim to apply the image through bdd 2007.
So If I add your script to the customsettings.ini then should the bit locker
work?

Please let me know.
Thanks


"Ben Hunter (MS)" <Ben.hunter@microsoft.com> wrote in message
news:1179307741.085445.206910@l77g2000hsb.googlegr oups.com...
> If you are using Lite Tocuh then BDD has built in functionalty to do
> this have a look in the command reference here are some settings you
> can apply:
>
> BDEDriveLetter=S:
> BDEDriveSize= 2000
> BDEInstall=ProtectKeyWithTpmAndPin
> BDEPin=123456789
> BDERecoveryKey=TRUE
> BDERecoveryPassword=TRUE
> BDERequired=YES
> BDEKeyLocation=\\NYC-AM-FIL-01\RecoveryKey\%ComputerName%
>
>
> If you are using ZTI then you may want to create a custom action in
> the task sequence that configures bitlocker during the state restore
> phase.
>
> Thanks,
> Ben Hunter
> http://blogs.technet.com/benhunter
>



 
Unread 28-11-2007, 12:23 PM   #4
wsms
Guest
 
Posts: n/a
Re: bit locker

Sponsored Links
Also, in this case if I want to refresh my machine while Vista is on the
system by running the BDD_Autorun.wsf
on vista, the script erros out because drive C is not on the first
partition.
How would you overcome this problem that drive C would be the first
partition during the build and drive S would be the second partion on disk
0?
thanks for the help

"wsms" <wsms@sms.com> wrote in message
news:OvIL9qJmHHA.4840@TK2MSFTNGP04.phx.gbl...
> During the rollout should I sepcify the settings in the ustom settings ini
> file?
>
> In the diskpart.txt I have this settings
> ------
> select disk 0
> clean
> create partition primary size =2000
> assign letter=S:
> format fs=ntfs quick
> create partition primary
> assign letter=c:
> active
> exit
> ------
>
> While the image is applied the drive letter is S. (Ichecked it in dos
> while the image was applying to the drive.
> After Vista comes up the drive letter truns to be drive letter "d"
> I am using the install.wim to apply the image through bdd 2007.
> So If I add your script to the customsettings.ini then should the bit
> locker work?
>
> Please let me know.
> Thanks
>
>
> "Ben Hunter (MS)" <Ben.hunter@microsoft.com> wrote in message
> news:1179307741.085445.206910@l77g2000hsb.googlegr oups.com...
>> If you are using Lite Tocuh then BDD has built in functionalty to do
>> this have a look in the command reference here are some settings you
>> can apply:
>>
>> BDEDriveLetter=S:
>> BDEDriveSize= 2000
>> BDEInstall=ProtectKeyWithTpmAndPin
>> BDEPin=123456789
>> BDERecoveryKey=TRUE
>> BDERecoveryPassword=TRUE
>> BDERequired=YES
>> BDEKeyLocation=\\NYC-AM-FIL-01\RecoveryKey\%ComputerName%
>>
>>
>> If you are using ZTI then you may want to create a custom action in
>> the task sequence that configures bitlocker during the state restore
>> phase.
>>
>> Thanks,
>> Ben Hunter
>> http://blogs.technet.com/benhunter
>>

>
>




Sponsored Links
 
 

Thread Tools
Display Modes



< Home - Windows Help - MS Office Help - Hardware Support >


New To Site? Need Help?

All times are GMT. The time now is 12:30 PM.


vBulletin, Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Copyright © 2005-2016, TechTalkz.com. All Rights Reserved - Privacy Policy
Valid XHTML 1.0 Transitional