Recently my daughter’s Window 8.1 laptop developed problems with it’s SSD drive. Before I could get a good backup of the data on the system it stopped booting. I had setup this computer as a rush job earlier this year and hadn’t any time to play with it or another Window 8.1 computer.
The first challenged I faced was that the SSD drive was encrypted with BitLocker. Fortunately, I was able to get the recovery keys for the system and then was able using WinPE to build a USB flash drive that allowed me to boot the system, unlock the drive and backup the data to another USB flash drive.
Below are the steps / notes I took while doing this. I am posting them so that I have them for the next time and in the hopes that they might help someone.
The first step was to install WinPE and build a bootable USB flash drive. I had problems getting WinPE for Windows 8.1 to install on my Windows 7 desktop. Fortunately, there was still a copy of WinPE for Windows 8.0 that I was able to get installed.
WinPE Bootable USB Flash Drive
Install Windows ADK. Then open command window as administrator and run the batch file to define the environment variables. I installed using the defaults.
After searching the web and reading several sets of instructions I followed the steps below to create the bootable flash drive. Installed all cabs below but believe that only the ones in purple were needed.
The copype.cmd command creates a WinPE environment in the directory specified. I was using 64bit machines so I used amd64. For 32 bit you would use x86.
The dism commands mount the boot image file and allow you to manipulate it. I installed several additional packages using the /add-package feature. You will need to install these packages to manage-bde which is used to unlock the drive.
| C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\DandISetEnv.bat copype.cmd amd64 c:\winpe_amd64 dism /mount-wim /wimfile:c:\winpe_amd64\media\sources\boot.wim /index:1 /mountdir:c:\winpe_amd64\mount dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-WMI.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-FMAPI.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-SecureStartup.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-EnhancedStorage.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-WMI_en-us.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\WinPE-Scripting.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-Scripting_en-us.cab" dism /image:C:\winpe_amd64\mount /add-package /packagepath:"C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\WinPE_OCs\en-us\WinPE-SecureStartup_en-us.cab" |
On other thing that I did was to create text file key.txt in the WinPE root directory with the BitLocker recovery key in it. This allowed me using notepad once WinPE had booted to copy and paste the recovery key. While this isn’t required it sure saves typing.
Then I dismounted the boot image file committing my changes with the /commit option and used the MakeWinPEMedia command to copy my files to the usb flash drive e:.
| dism /unmount-Wim /mountdir:c:\winpe_amd64\mount /commit MakeWinPEMedia /UFD C:\WinPE_amd64 e: |
Once the WinPE USB flash drive was created I put it in the laptop and booted it. The laptop was seutp to boot using UEFI and secure boot mode both of which had to be turned off in the BIOS so that I could select boot from USB mode.
Once I did this the system booted right up.
Unlock Bitlocker with manage-bde
Once the system was booted I unlocked the BitLocker OS drive using the command below.
manage-bde -unlock c: -recoverypassword <recovery key> |
Copy Files off the System
Once the drive was unlocked I used robocopy to copy the files to another USB flash drive.
| robocopy c:\<dir> e:\<dir> /copyall /e /r:0 /dcopy:t |
Given the number of files it took a good bit of time but at the end I had all the files on the USB flash drive and could load them back on the system after replacing the drive.
2 comments:
Dear
Many thanks for this tip, it worked fine for me with some changes, because I was using an x86 architecture. The only missing part in my opinion is how to make an USB stick bootable. (For beginners), here is how to proceed:
Run CMD.exe as admin and run the following commandes
diskpart
list disk
select disk [Your_Drive_Number]
clean
create partition primary
select partition 1
active
format quick fs=fat32
assign
exit
--------------------------------------------------------
Thanks again
Saved my life, our CEO in Dubai had a Windows 8.1 laptop bitlocker enabled and had managed to lock out the local admin account so without turning off encryption there was no way to reset the local admin via Hirens
Ive also learnt about WinPE :)
Thanks again mate!!
Post a Comment