HP ProLiant DL360 G4 Server User Manual
Page 18
Post-installation tasks 18
cannot be accessed, if there are changes to key system files, or if someone tries to start the computer from a
product CD or DVD to circumvent the operating system, the computer switches to recovery mode until the
recovery password is supplied.
For more information regarding BitLocker, see the Microsoft® website
. For a step-by-step guide, also see the
Microsoft® website
To install BitLocker Drive Encryption on Microsoft Windows Server 2012 Essentials:
1.
Add BitLocker feature from Server manager, and reboot the server.
2.
After the operating system boots, log in as an administrator, go to the Control Panel.
3.
Click System and Security, and then click BitLocker Drive Encryption.
4.
Click Turn on BitLocker on the operating system volume.
5.
If the User Account Control dialog box is displayed, confirm the action, and then click Continue.
6.
The BitLocker Drive Encryption page is displayed.
7.
One of the following warnings appears:
o
BitLocker encryption might have a performance impact on your server. If
your TPM is not initialized, the TPM Security Hardware wizard appears.
Follow the directions to initialize the TPM. You must restart or shut down
your computer for the changes to occur
.
o
This device cannot use a Trusted Platform Module. Your administrator must
set the “Allow BitLocker without a compatible TPM” option in the “Require
additional authentication at startup” policy for OS volumes
.
a.
To resolve the issue identified in the second error message, do the following:
i.
Press Windows key to access the Run command.
ii.
Type MMC. If the User Account Control dialog box is displayed, click Yes.
iii.
Click File>Add/Remove Snap-in.
iv.
Select Group Policy Object Editor under available snap-ins, and click Add to select snap-ins.
v.
Make sure Local computer is selected, and click Finish.
vi.
Click OK.
vii.
Expand Local computer policy>Computer Configuration>Administrative Templates>Windows
Components>BitLocker Drive Encryption>Operating System Drives, and then select the policy
“Require additional authentication at startup”, and enable the policy.
viii.
Click Apply and OK.
ix.
Collapse the entire path.
x.
Click File>Exit (Save the MMC console if required).
8.
Repeat the step 2.
9.
On the BitLocker Drive Encryption page, select one of the following methods to unlock your drive at
startup:
o
Insert a USB flash drive.
o
Enter a password.
10.
On How do you want to back up your recovery key page, the following options appear:
o
Save to a USB flash drive – Saves the password in the USB flash drive.
o
Save to a file – saves the password in the file on a network drive or other location.