Solved

Bitlocker on Administrative Shares

Posted on 2013-01-23
5
955 Views
Last Modified: 2013-02-18
I have a win8 workstation that is not domain enabled. The only hard disk on it is bitlocker enabled with TPM. Is it correct that any other machines will not be able to access the Administrative Shares of this workstation?

Not even the Domain Administrator on which this workstation is connected to?
0
Comment
Question by:frukeus
  • 2
5 Comments
 
LVL 53

Expert Comment

by:McKnife
ID: 38809963
Hi.

The encryption Bitlocker does not protect the drive when the key is entered and the drive is mounted, so the answer is "no".
0
 
LVL 1

Author Comment

by:frukeus
ID: 38812861
But this is not an external drive....it is the system drive.

I can understand that when an external drive is connected and key entered, the entire drive is visible to the connected machine. But Bitlocker should protect a system drive from remote access via admin shares since the remote system has no way of entering a key, rite?
0
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 38816682
No, not correct, sorry. Bitlocker does not do anything to protect from against unwanted network access.
Whenever your system starts, c: is mounted after you enter the PIN (if you use a PIN together with your TPM... you should). After it's mounted and windows has booted, the server service shares the shared folders. If we let alone default settings in win7, c: would not be shared, there would be no c$. Only after setting the registry key LocalAccountTokenFilterPolicy (see http://helgeklein.com/blog/2011/08/access-denied-trying-to-connect-to-administrative-shares-on-windows-7/ ), it would be shared and accessible.
No Bitlocker involved.
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 38903973
I've requested that this question be closed as follows:

Accepted answer: 500 points for McKnife's comment #a38816682

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While working, an annoying popup showing below will come and we cannot cancel or close it form the screen. The error message will come again and again.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now