BitLocker auto‑unlock for a data disk in a Hyper‑V VM (no TPM)

This enables automatic unlock for a BitLocker‑protected data volume inside a Hyper‑V VM without a TPM. Unlock the volume once, then turn on auto‑unlock.

Prerequisites

  • Scope: Data disk (not OS partition)
  • Inside VM: Run all commands in the guest Windows VM
  • Drive letter: Replace D: with your data volume

Step 1: Unlock the data disk once

Use your BitLocker password (you will be prompted interactively):

manage-bde -unlock D: -Password
  

Step 2: Enable automatic unlock

Tell Windows to remember the key and auto‑unlock this data volume whenever the OS volume is unlocked:

manage-bde -autounlock -enable D:
  

Step 3: Verify status

Confirm that auto‑unlock is enabled:

manage-bde -status D:
  

Notes

  • No TPM needed: Auto‑unlock for data volumes stores the key on the OS volume, so the OS volume must itself be BitLocker‑protected; otherwise the enable command in Step 2 fails.
  • VM moves: If the VM/VHDX is moved or restored, re‑enable auto‑unlock.
  • Backup: Keep the recovery key safely backed up (file, printout, or account).
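
The three steps above as one script, with the checks the notes imply (OS volume protected, recovery password present). This is an added example using the BitLocker PowerShell cmdlets, not commands from the original page; the `$DataDrive` parameter and its `D:` default are assumptions matching the drive letter used above.

```powershell
#Requires -RunAsAdministrator
# Added example: run elevated inside the guest VM.
param([string]$DataDrive = 'D:')   # assumption: same drive letter as in the steps above

$ErrorActionPreference = 'Stop'

# Auto-unlock keys are stored on the OS volume, so it must be BitLocker-protected first.
$os = Get-BitLockerVolume -MountPoint $env:SystemDrive
if ($os.ProtectionStatus -ne 'On') {
    throw "OS volume $($env:SystemDrive) is not BitLocker-protected; auto-unlock cannot be enabled."
}

$data = Get-BitLockerVolume -MountPoint $DataDrive
if ($data.VolumeType -ne 'Data') {
    throw "$DataDrive is not a data volume."
}

# Step 1: unlock once. The password is read as a SecureString, never passed on the command line.
if ($data.LockStatus -eq 'Locked') {
    $pw = Read-Host -AsSecureString -Prompt "BitLocker password for $DataDrive"
    Unlock-BitLocker -MountPoint $DataDrive -Password $pw | Out-Null
}

# Step 2: enable auto-unlock for the data volume.
Enable-BitLockerAutoUnlock -MountPoint $DataDrive | Out-Null

# Step 3: re-read the volume state and verify the result.
$data = Get-BitLockerVolume -MountPoint $DataDrive
$hasRecovery = [bool]($data.KeyProtector |
    Where-Object KeyProtectorType -eq 'RecoveryPassword')

[pscustomobject]@{
    Drive             = $data.MountPoint
    ProtectionStatus  = $data.ProtectionStatus
    LockStatus        = $data.LockStatus
    AutoUnlockEnabled = $data.AutoUnlockEnabled
    RecoveryPassword  = $hasRecovery
}

if (-not $data.AutoUnlockEnabled) {
    throw "Auto-unlock is still disabled on $DataDrive."
}
if (-not $hasRecovery) {
    # Without a recovery password, losing the OS volume means losing access to the data volume.
    Write-Warning "$DataDrive has no recovery password protector; add one and back it up."
}
```

Re-running the script after a VM move or restore shows whether auto-unlock survived and re-enables it if the volume is unlocked.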
