Solved

Bitlocker on Administrative Shares

Posted on 2013-01-23
5
978 Views
Last Modified: 2013-02-18
I have a win8 workstation that is not domain enabled. The only hard disk on it is bitlocker enabled with TPM. Is it correct that any other machines will not be able to access the Administrative Shares of this workstation?

Not even the Domain Administrator on which this workstation is connected to?
0
Comment
Question by:frukeus
  • 2
5 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 38809963
Hi.

The encryption Bitlocker does not protect the drive when the key is entered and the drive is mounted, so the answer is "no".
0
 
LVL 1

Author Comment

by:frukeus
ID: 38812861
But this is not an external drive....it is the system drive.

I can understand that when an external drive is connected and key entered, the entire drive is visible to the connected machine. But Bitlocker should protect a system drive from remote access via admin shares since the remote system has no way of entering a key, rite?
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 38816682
No, not correct, sorry. Bitlocker does not do anything to protect from against unwanted network access.
Whenever your system starts, c: is mounted after you enter the PIN (if you use a PIN together with your TPM... you should). After it's mounted and windows has booted, the server service shares the shared folders. If we let alone default settings in win7, c: would not be shared, there would be no c$. Only after setting the registry key LocalAccountTokenFilterPolicy (see http://helgeklein.com/blog/2011/08/access-denied-trying-to-connect-to-administrative-shares-on-windows-7/ ), it would be shared and accessible.
No Bitlocker involved.
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 38903973
I've requested that this question be closed as follows:

Accepted answer: 500 points for McKnife's comment #a38816682

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
A procedure for exporting installed hotfix details of remote computers using powershell
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question