Information Technology Services
Information Technology Services

BitLocker Instructions for Windows Vista Enterprise and Ultimate

Note: Your system must meet the minimum system requirements. ITServices recommends upgrading your Vista operating system to Windows 7 or Windows 8.

If you have Vista Enterprise, you need to install the drive preparation tool.

If you have Vista Ultimate, you already have the drive preparation tool. Follow the instructions below.

When you install this tool, the tool adds an item to the Start menu. To start the BitLocker Drive Preparation Tool, use one of the following methods:

  1. Click Start, point to All Programs, click Accessories, click System Tools, click BitLocker, and then double-click BitLocker Drive Preparation Tool.
  2. Click Start, type BitLocker in the Start Search text box, and then click BitLocker Drive Preparation Tool in the Programs list.

After the tool finishes preparing the drive, you must restart the computer. Then you can use the Security item in Control Panel to enable BitLocker.

To encrypt drives and to verify boot integrity, BitLocker requires at least two partitions. These two partitions make up a split-load configuration. A split-load configuration separates the main operating system partition from the active system partition from which the computer starts.

The BitLocker Drive Preparation Tool automates the following processes to make the computer ready for BitLocker:

  • creating the second volume that BitLocker requires;
  • migrating the boot files to the new volume; and
  • making the volume an active volume.

When the tool finishes, you must restart the computer to change the system volume to the newly created volume. After you restart the computer, the drive will be configured correctly for BitLocker. You may also have to initialize the Trusted Platform Module (TPM) before you turn BitLocker on.

After your computer restarts, you should return to BitLocker:

  • Click Start, choose Control Panel, then BitLocker Drive Encryption
  • Click Manage BitLocker Keys

You should make multiple copies of your encryption key. For safekeeping, make one copy to a USB key and make one copy to a folder on the machine, and then email the key to a trusted source. You should then delete the key file stored in the folder you chose above.

To turn on TPM, you will need to boot into the BIOS on the computer (see manufacturer for details on BIOS access), and enable TPM in the security tab.