Scenario 16: Using the BitLocker Repair Tool to Recover a Drive

Applies To: Windows 7

The BitLocker Repair Tool (Repair-bde) is a command-line tool included with Windows 7 and Windows Server 2008 R2. This tool can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker Drive Encryption. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. The Repair-bde command-line tool is intended for use when the operating system does not start, or when you cannot start the BitLocker Recovery Console. If a drive has been physically damaged, it may not be recoverable.

Before you start

To complete the procedure in this scenario:

  • Your test computer must have a BitLocker-protected drive.

  • You must be able to provide administrative credentials.

  • You must have at least one of the following:

    • Recovery password

    • Recovery key file location

    • Recovery package file location and the corresponding recovery password

    • Recovery package file location and the corresponding recovery key file location

  • You must have an empty output volume that is the same size as or larger than the BitLocker-protected drive. The contents of the output volume will be completely overwritten after the repair operation.

The following procedure provides the command-line syntax for using each type of recovery information with the Repair-bde tool. For this procedure, we recover access to the data stored on drive C: and write the recovered data to an output volume on Z: by using the parameters in the following table.

Recovery information              Value
Recovery password                 062612-026103-175593-225830-027357-086526-362263-513414
Recovery key file location        F:\RecoveryKey.bek
Recovery package file location    F:\ExportedKeyPackage

Replace these parameters as appropriate for your test environment.

To repair a BitLocker-protected drive by using Repair-bde

  1. Open a Command Prompt window as an administrator.

    1. To do this, click Start, type cmd in the Search programs and files box, right-click cmd.exe, and then click Run as administrator.

    2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

  2. At the command prompt, type one of the following commands, depending on which recovery information you want to use:

    1. To repair using a recovery password:

      repair-bde C: Z: -rp 062612-026103-175593-225830-027357-086526-362263-513414

    2. To repair using a recovery key:

      repair-bde C: Z: -rk F:\RecoveryKey.bek

    3. To repair using a recovery package and the corresponding recovery password:

      repair-bde C: Z: -kp F:\ExportedKeyPackage -rp 062612-026103-175593-225830-027357-086526-362263-513414

    4. To repair using a recovery package and the corresponding recovery key:

      repair-bde C: Z: -kp F:\ExportedKeyPackage -rk F:\RecoveryKey.bek

Note

If the path to the key package is not specified, Repair-bde will search the drive for a key package. However, if the hard drive has been damaged, the tool may not be able to find the package and will prompt you to provide the path. We recommend that you include the key package in the Active Directory key storage so that you can export the key package if needed.
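Because the repair overwrites the output volume, it is worth checking the recovery information before running any of the commands in step 2. The following PowerShell sketch is an added example, not part of the original procedure or of the Repair-bde tool. Its function names are hypothetical, and it relies on the recovery password format of eight six-digit groups, each a multiple of 11 and below 720896.

```powershell
# Added example: pre-flight checks for the repair-bde commands above.
# Function names are hypothetical; nothing here runs repair-bde itself.
function Test-RecoveryPassword {
    param([string]$Password)
    # Eight groups of six digits, separated by hyphens.
    if ($Password -notmatch '^[0-9]{6}(-[0-9]{6}){7}$') { return $false }
    foreach ($group in $Password.Split('-')) {
        $n = [int]$group
        # Each group is a 16-bit value multiplied by 11.
        if ((($n % 11) -ne 0) -or ($n -ge 720896)) { return $false }
    }
    return $true
}

function Get-RepairBdeArguments {
    param([string]$Source, [string]$Output, [string]$RecoveryPassword,
          [string]$RecoveryKey, [string]$KeyPackage)
    if ($Source -eq $Output) { throw 'Output volume must differ from the damaged volume.' }
    if ([bool]$RecoveryPassword -eq [bool]$RecoveryKey) {
        throw 'Supply exactly one of -RecoveryPassword or -RecoveryKey.'
    }
    $argList = @($Source, $Output)
    if ($KeyPackage) {
        if (-not (Test-Path -LiteralPath $KeyPackage)) { throw "Key package not found: $KeyPackage" }
        $argList += '-kp', $KeyPackage
    }
    if ($RecoveryPassword) {
        if (-not (Test-RecoveryPassword $RecoveryPassword)) {
            throw 'Recovery password fails the group check; re-read it before retrying.'
        }
        $argList += '-rp', $RecoveryPassword
    } else {
        if (-not (Test-Path -LiteralPath $RecoveryKey)) { throw "Recovery key file not found: $RecoveryKey" }
        $argList += '-rk', $RecoveryKey
    }
    return ,$argList
}

# Constructed inputs: the recovery password from the table, and a one-digit typo of it.
$good = '062612-026103-175593-225830-027357-086526-362263-513414'
$typo = '062613-026103-175593-225830-027357-086526-362263-513414'
Test-RecoveryPassword $good
Test-RecoveryPassword $typo
# Print the command for review instead of executing it (quote any path that contains spaces).
'repair-bde ' + ((Get-RepairBdeArguments -Source 'C:' -Output 'Z:' -RecoveryPassword $good) -join ' ')
```

The group check catches most transcription errors in a recovery password, but it cannot confirm that the password belongs to the drive being repaired.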

By completing this procedure, you have used the Repair-bde command-line tool to repair a damaged BitLocker-protected drive.