Clonzilla on Surface Pro 3 -- Bitlocker Encrypted Partition

My Surface Pro 3 recently stopped working. Here's how I imaged it onto the replacement Surface Pro 3.

NOTES: Be sure that you've updated all devices to the latest firmware, or step 5 below won't work. Other explanations of the process below assume you're connected to a domain or that your drive is NOT encrypted, but in fact, if your computer is a personal one (like mine), your Bitlocker encryption key has already been saved to OneDrive, and your drive is indeed encrypted (Full Disk Encryption) via TPM.

1. Right-click C: and click Manage Bitlocker
2. Click Suspend Protection
3. Shut down the computer
4. Press and hold the Up Volume hard button, then tap the hard Power button and wait until the UEFI screen appears.
5. Disable the first and second options (TPM and secure boot) and then set the boot order to USB first.
6. Boot Clonezilla from USB drive. NOTE: You'll need a USB hub (mine contained Clonezilla, a USB keyboard, and an external hard drive). This is required because Clonezilla doesn't recognize the Surface Pro 3's keyboard, which is a shame because otherwise you could CloneZilla's run-from-RAM (I'm paraphrasing) option and then connect your external drive.
7. On the failed PC, create a local image of partition 4 (the partition that contains all of your data).
8. Repeat steps 1-6 but now restore #7's image to the replacement PC's partition 4.
9. Before booting into Windows on the replacement computer, re-enable TPM and secure boot.
10. During Windows boot-up, you'll need to enter your Bitlocker Recovery Key (just Google that, log in, and enter the code).

Voilà! You're done. My 256 GB drive was nearly full and took 3 hours to backup, but only 1.5 to restore. I spent 5 hours instead of 3 days configuring my PC.

Comments

Hi,

unfortunately I can't login into Windows anymore. So I can't suspend BitLocker.
Do you see any chance to clone the drive and restore it on another PC?
I have the recovery key of the BitLocker drive.

If you can't log into Windows prior to cloning, then you (most likely) won't be able to log in afterwards either. That said, search Google for "locked out" Bitlocker. Good luck!

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.