lianne143 asked:

Setting up BitLocker on laptops without TPM and saving the password in Active Directory

Hi
I have laptops with Windows 7 Enterprise installed that don't have TPM modules in them. Our management is concerned about the security of the data on the laptops if they are stolen or lost, and has asked me to encrypt the laptop drives.

Is it possible to set up BitLocker on Windows 7 Enterprise laptops without using TPM? I would like to set a password for the encryption.
Whenever the laptop boots, I would like the laptop to prompt for the password, and when the user keys in the password, it must get into Windows.

Also, I would like to save the password (keys) to Active Directory. In case the user forgets the password, we must be able to recover the password for them.

Please can a step-by-step tutorial be posted? Thanks in advance.
lianne143 (ASKER):

I mean once BitLocker is set up on the laptop, the recovery keys saved on the AD.

We have 60 laptops that need to be encrypted. It will be difficult to set up USB sticks for each laptop, and staff would have to carry the USB with their laptops, and if they misplace the USB or lose the laptop bag (with laptop and USB) the data can fall into the wrong hands.

Is there any other way we can set this up with Windows 7 without the startup keys on USB?
Lianne, could you explain what you concluded after reading these suggestions? I would be glad to hear, because they could be seen as contradictory and all were answers to you.

Hi McKnife

Our laptops are Windows 7 Enterprise without TPM. I understand that with the current configuration of our laptops, if I set up BitLocker on the laptops, I need to issue USB sticks with the password on them to all the staff to boot up the laptops.
We are going to disable USB sticks on the laptops on our network.
In case we don't disable USB and give out a USB stick (with password) to boot the laptop, we can't expect every staff member to carry the USB stick at all times, and also if they lose the stick with the laptop bag, the data is stolen?

I installed VeraCrypt on a laptop and it encrypts the hard drive and also asks to create a recovery CD during the setup, and the instructions say to keep the CD safe in case any data needs to be recovered from the laptop hard disk. So I am planning to create the recovery disc for all the laptops and keep the discs in a safe location.

Now, after installing VeraCrypt on the laptop, when the laptop boots it asks for a password on the DOS screen. Once this is keyed in, the laptop boots to Windows and stays at the Ctrl+Alt+Del screen for the domain user credentials.
Thanks

Why would you need VeraCrypt? You were shown how to use a password with BitLocker on Windows 7 - without needing anything else.
I had a feeling that you still had not understood that and you confirmed that.