Scenario 16: Using the BitLocker Repair Tool to Recover a Drive
Applies To: Windows 7
The BitLocker Repair Tool (Repair-bde) is a command-line tool included with Windows 7 and Windows Server 2008 R2. This tool can be used to access encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker Drive Encryption. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data. The Repair-bde command-line tool is intended for use when the operating system does not start, or when you cannot start the BitLocker Recovery Console. If a drive has been physically damaged, it may not be recoverable.
Before you start
To complete the procedure in this scenario:
Your test computer must have a BitLocker-protected drive.
You must be able to provide administrative credentials.
You must have at least one of the following:
Recovery password
Recovery key file location
Recovery package file location and the corresponding recovery password
Recovery package file location and the corresponding recovery key file location
You must have an empty output volume that is the same size as or larger than the BitLocker-protected drive. The contents of the output volume will be completely overwritten after the repair operation.
The following procedure provides the command-line syntax for using each type of recovery information with the Repair-bde tool. For this procedure, we recover access to the data stored on drive C: and write the recovered data to an output volume on Z: by using the parameters in the following table.
Recovery information | Value |
---|---|
Recovery password | 062612-026103-175593-225830-027357-086526-362263-513414 |
Recovery key file location | F:\RecoveryKey.bek |
Recovery package file location | F:\ExportedKeyPackage |
Replace these parameters as appropriate for your test environment.
To repair a BitLocker-protected drive by using Repair-bde
Open a Command Prompt window as an administrator.
To do this, click Start, type cmd in the Search programs and files box, right-click cmd.exe, and then click Run as administrator.
If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
At the command prompt, type one of the following commands, depending on which recovery information you want to use:
To repair using a recovery password:
repair-bde C: Z: -rp 062612-026103-175593-225830-027357-086526-362263-513414
To repair using a recovery key:
repair-bde C: Z: -rk F:\RecoveryKey.bek
To repair using a recovery package and the corresponding recovery password:
repair-bde C: Z: -kp F:\ExportedKeyPackage -rp 062612-026103-175593-225830-027357-086526-362263-513414
To repair using a recovery package and the corresponding recovery key:
repair-bde C: Z: -kp F:\ExportedKeyPackage -rk F:\RecoveryKey.bek
Note
If the path to the key package is not specified, Repair-bde will search the drive for a key package. However, if the hard drive has been damaged, the tool may not be able to find the package and will prompt you to provide the path. We recommend that you include the key package in the Active Directory key storage so that you can export the key package if needed.
By completing this procedure, you have used the Repair-bde command-line tool to repair a damaged BitLocker-protected drive.
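The following pre-flight check for the commands in the procedure above is an added example, not part of the original page or of Microsoft's tooling. The function and parameter names are hypothetical, and the password check assumes the recovery password structure of eight 6-digit groups, each a multiple of 11 with a quotient below 65536.

```powershell
# Added example; function and parameter names are hypothetical.
function Test-RecoveryPassword {
    param([string]$Password)
    # Expect 8 hyphen-separated groups of 6 ASCII digits (48 digits total).
    if ($Password -notmatch '^[0-9]{6}(-[0-9]{6}){7}$') { return $false }
    foreach ($group in $Password.Split('-')) {
        $n = [int]$group
        # Each group is a 16-bit value multiplied by 11.
        if (($n % 11) -ne 0 -or ($n / 11) -ge 65536) { return $false }
    }
    return $true
}

function Get-RepairBdeArguments {
    param(
        [string]$Source, [string]$Output,
        [string]$RecoveryPassword, [string]$RecoveryKeyPath, [string]$KeyPackagePath
    )
    # The output volume is overwritten, so it must never be the damaged volume.
    if ($Source -eq $Output) { throw 'The output volume must differ from the damaged volume.' }
    # Only the four combinations from the procedure: password or key, optionally with a package.
    if ([bool]$RecoveryPassword -eq [bool]$RecoveryKeyPath) {
        throw 'Supply exactly one of -RecoveryPassword or -RecoveryKeyPath.'
    }
    $cmdArgs = @($Source, $Output)
    if ($KeyPackagePath) {
        if (-not (Test-Path -LiteralPath $KeyPackagePath)) { throw "Key package not found: $KeyPackagePath" }
        $cmdArgs += '-kp', $KeyPackagePath
    }
    if ($RecoveryPassword) {
        if (-not (Test-RecoveryPassword $RecoveryPassword)) { throw 'Recovery password is malformed; check for a mistyped group.' }
        $cmdArgs += '-rp', $RecoveryPassword
    } else {
        if (-not (Test-Path -LiteralPath $RecoveryKeyPath)) { throw "Recovery key file not found: $RecoveryKeyPath" }
        $cmdArgs += '-rk', $RecoveryKeyPath
    }
    return $cmdArgs
}

# $good is the sample password from the table above.
# $bad is constructed: two digits of the first group are swapped, so it is no longer a multiple of 11.
$good = '062612-026103-175593-225830-027357-086526-362263-513414'
$bad  = '062621-026103-175593-225830-027357-086526-362263-513414'
Test-RecoveryPassword $good
Test-RecoveryPassword $bad
$repairArgs = Get-RepairBdeArguments -Source 'C:' -Output 'Z:' -RecoveryPassword $good
"repair-bde $($repairArgs -join ' ')"
# After reviewing the printed command, run it from an elevated prompt:
# & repair-bde.exe @repairArgs
```

The structure check catches transcription errors in the recovery password before a long repair run starts; it cannot tell whether a well-formed password belongs to this particular drive.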