I was writing a few BitLocker articles (e.g. How to Enable BitLocker Recovery Information to Active Directory) and I needed a computer on which I could turn on BitLocker. As always, I opened the Control Panel, looked for BitLocker, and couldn’t find it! I said to myself, where is BitLocker on Windows Server? Within a minute or two, I remembered that there are extra steps to enable BitLocker on a server. As part of this article, I will also show you how to enable TPM on a Hyper-V virtual machine (VM). This article provides the step-by-step instructions for both of these tasks.

How to Enable BitLocker on Windows Server

I don’t know why BitLocker is NOT automatically installed on all servers. I would think with the world worrying about security that this would be installed by default. Anyways, I digress.

What is BitLocker?

It allows for disk encryption of your hard drives.

See Wikipedia for more details on BitLocker.

Server Manager Dashboard

From the Server Manager Dashboard, select the Add roles and features item (green arrow).

Before you begin wizard screen

The Before you begin screen may be missing if you previously selected Skip this page by default. Click Next.

Select installation type wizard screen

Click Next.

Destination Server Wizard screen.

Again, accept the defaults and click Next.

Server role screen

Click Next.

Enable BitLocker on a Windows Server screen with popup.

Select BitLocker Drive Encryption; this immediately opens the Add Roles and Features Wizard window. Click the Add Features button.

Showing BitLocker on a Windows Server enabled screen

Still on the main wizard window, click Next.

Starting the install of BitLocker on a Windows Server screen

Click Install to start the installation of BitLocker on Windows Server.

Waiting for BitLocker on a Windows Server to complete.

Meanwhile, wait for the install to complete.

BitLocker on a Windows Server has completed and reboot is needed.

You will have to reboot before the install is completed. Click Close and reboot the server. Finally, you are done. And at last, you can enable BitLocker just as you would on Windows 11.

How to Enable TPM on Hyper-V Server

There really isn’t a trick to this. But it seemed like a good companion topic for how to enable BitLocker on a Windows Server. It also didn’t seem worthy of its own article.

What is TPM?

A TPM is a chip that allows you to securely store passwords.

Read more about Trusted Platform Module.

Setting TPM on a Hyper-V VM.

Turn off the VM before starting. In Hyper-V Manager, right-click the VM and select Settings….

Enabling TPM on a VM

Again, in the Settings window, select the Security node (green arrow), then select Enable Trusted Platform Module (TPM) (orange arrow), and finally click OK to complete the installation of TPM.

Note: You need to enable TPM BEFORE you enable BitLocker.
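
Both procedures above can also be scripted. The following PowerShell is an added example, not part of the original article: it enables the virtual TPM from the Hyper-V host and then installs the BitLocker feature inside the server, in the order the note requires. The function names and the VM name 'SRV01' are placeholders, and it assumes a Generation 2 VM with no existing key protector (for example, not a shielded VM).

```powershell
#Requires -RunAsAdministrator
# Added example, not the article's own code. 'SRV01' is a placeholder VM name.

# Run on the Hyper-V host: the GUI steps from "How to Enable TPM on Hyper-V Server".
function Enable-GuestTpm {
    param([Parameter(Mandatory)][string]$VMName)

    $vm = Get-VM -Name $VMName -ErrorAction Stop
    if ($vm.Generation -ne 2) {
        throw "VM '$VMName' is Generation $($vm.Generation); a virtual TPM needs Generation 2."
    }
    if ((Get-VMSecurity -VMName $VMName).TpmEnabled) {
        Write-Output "TPM is already enabled on '$VMName'."
        return
    }
    $wasRunning = $vm.State -eq 'Running'
    if ($vm.State -ne 'Off') { Stop-VM -Name $VMName }   # VM must be off first

    # A virtual TPM needs a key protector; this creates one local to this host.
    # Assumption: the VM has no existing key protector that this would replace.
    Set-VMKeyProtector -VMName $VMName -NewLocalKeyProtector
    Enable-VMTPM -VMName $VMName

    if ($wasRunning) { Start-VM -Name $VMName }
    Get-VMSecurity -VMName $VMName | Select-Object TpmEnabled
}

# Run inside the Windows Server guest: the Add Roles and Features wizard steps.
function Install-BitLockerFeature {
    if (-not (Get-Tpm).TpmPresent) {
        Write-Warning 'No TPM is visible to this server; enable it on the VM first.'
        return
    }
    if ((Get-WindowsFeature -Name BitLocker).Installed) {
        Write-Output 'The BitLocker feature is already installed.'
        return
    }
    # -Restart reboots the server automatically if the install requires it.
    Install-WindowsFeature -Name BitLocker -IncludeAllSubFeature `
        -IncludeManagementTools -Restart
}

# Usage:
#   On the host:    Enable-GuestTpm -VMName 'SRV01'
#   In the guest:   Install-BitLockerFeature
```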

Coupled with the other BitLocker articles in this set (How to Enable BitLocker Recovery Information to Active Directory, How to Backup BitLocker Recovery Key to AD, and How to Query AD for BitLocker Details), this will improve your security.

To sum up, with just a few minutes of effort, you too can increase the security of your environment. Do not get caught out; remember this article and how easy it was to enable BitLocker. If you have any questions, please feel free to touch base @Garthmj.