1. Home >
  2. Free Partition Software >
  3. How to Enable BitLocker on Windows Server 2016/2019

How to Enable BitLocker on Windows Server 2016/2019

BitLocker is a powerful encryption tool available on Windows Server 2016 and 2019. In this post, you will learn how to enable BitLocker on Windows Server 2016/2019 using a built-in feature and a third-party BitLocker manager.

Hedy

By Hedy / Updated on August 21, 2024

Share this: instagram reddit
Table of Contents

What is BitLocker on Windows Server 2016/2019?

BitLocker is a full-disk encryption feature included with Microsoft Windows versions starting with Windows Vista. Its primary purpose is to protect data by encrypting entire volumes, making it nearly impossible for unauthorized users to access your information without the proper credentials. This encryption technology is essential for safeguarding sensitive data, especially in environments where data security is a top priority.

With each new version of Windows, Microsoft has enhanced BitLocker’s features, making it more user-friendly and secure. The introduction of BitLocker in Windows Server 2016/2019 brought enterprise-grade encryption capabilities to server environments, offering administrators an efficient way to protect data at rest.

That’s why so many Sever users are asking for a way to enable BitLocker on Windows Server 2016/2019. But before proceeding to the step-by-step guide, let’s learn some demands for encrypting volumes on Server 2016 and 2019.

System Requirements for BitLocker on Windows Server 2016/2019

Hardware Requirements

━ To use BitLocker on Windows Server 2016/2019, certain hardware requirements must be met:

━ A TPM version 1.2 or later for enhanced security features.

━ A server with UEFI firmware for modern encryption techniques.

━ Sufficient disk space to accommodate the encryption process.

Software Compatibility

BitLocker is fully compatible with Windows Server 2016/2019. However, it's essential to ensure that all drivers and software on the server are up to date to avoid compatibility issues.

How to enable BitLocker on Windows Server 2016/2019

Enabling BitLocker on Windows Server protects your data by encrypting the entire volume. Here's a full, step-by-step guide for enabling BitLocker:

However, BitLocker Drive Encryption is not installed by default on Windows Server. Thus, the first move is to install it on your Windows Server computer.

Part 1. Install BitLocker Drive Encryption

In Server Manager, select Add Roles and Features. Proceed by clicking Next on the Before You Begin screen, and again on the installation type, keeping Role-based or feature-based installation as the default option. Choose your server and click Next. Bypass the Server Roles section by clicking Next.

In the Features window, check the box for BitLocker Drive Encryption.

install-bitLocker-drive-encryption

If prompted, check the box to Include management tools (if applicable) and click Add Features.

include-management-tools-for-bitLocker-drive-encryption

After being redirected to the Select Features window, click Next. Since the installation requires a reboot, choose the option to Restart the destination server automatically if required and proceed with Install. Confirm the reboot warning by selecting Yes, and then click Install again to begin the process.

Part 2. Enable BitLocker Drive Encryption

To encrypt a drive (Here is system C drive) in Windows Server, open the Control Panel, switch the view to Large or Small icons, and navigate to BitLocker Drive Encryption. In the section for your target drive, click Turn on BitLocker.

turn-on-bitLocker

You'll then need to choose between Encrypt used disk space only or Encrypt entire drive. If you're setting up a new server, encrypting only the used disk space will be much faster. However, if the server has already been in use, it's better to encrypt the entire drive to ensure all data, including free space, is protected. After making your choice, click Next.

choose-how-much-of-your-drive-to-encrypt

On the final screen, you can opt to run a hardware system check by checking the Run BitLocker system check box. If you do, a reboot will be required. To begin the encryption process, click Start encrypting.

start-encrypting

An easier way to enable BitLocker on Windows Server 2016/2019

As you can see, it’s a little complicated to turn on BitLocker on Windows Sever 2016/2019 with native feature. And not all users can meet the requirements for BitLocker Drive Encryption. Luckily, a reliable partition manager and BitLocker tool called AOMEI Partition Assistant Server can clear these obstacles perfectly.

It allows you to easily and quickly enable the BitLocker drive encryption in all editions of Windows Server 2022, 2019, 2016, 2012 (R2), 2008 (R2), 2003 and SBS 2011, 2008, 2003. Here is a demo version of this software, download it and see how to use it to enable BitLocker on Windows Server 2016/2019:

AOMEI Partition Assistant

The Best Windows Disk Partition Manager and PC Optimizer

Free Download
Windows Server 2012/2016/2019/2022

Step1. Install and launch AOMEI Partition Assistant. Click the "Tools" main tab and select "BitLocker".

bitlocker-tools

Step 2. All drives on the system will be displayed, including operating system drives, fixed data drives, and removable drives. Please find the partition you would like to encrypt BitLocker and click the "Turn on BitLocker" option. (Here, we take the drive D: as an example.)

Tip: It only supports encrypting NTFS partitions. Other partition file systems, for example, FAT or FAT32 cannot be encrypted.

turn-on-bitlocker

Step 3. Please set and confirm a password to encrypt the drive and click "Next".

turn-on-bitlocker-enter-password

Step 4. Select a way to back up your recovery key. You can either select "Save to a file" or "Print the recovery key".

turn-on-bitlocker-backup-recovery-key

Step 5. If you select "Save to a file", please choose a location on your PC to save the recovery key.

turn-on-bitlocker-save-to-a-file

Then, please click the "Next" button to start the encryption process.

Step 5. The encryption process might take time to encrypt the drive. Before the process is finished, please do not terminate the program, remove the drive, or turn off the power. Once the encryption process is finished, please click "Completed". Finally, the drive is BitLocker encrypted.

encryption-completed

Conclusion

That’s all about how to enable BitLocker on Windows Server 2016/2019. If you need to encrypt your Server’s drives, you can follow the two methods above to make it. As you can see, AOMEI Partition Assistant Server would be more compatible and comprehensive. If you install it on your Server PC, it can also help you manage hard drives and partitions better. For example, it can extend your C drive, delete recovery partition, clone Windows to SSD/HDD, and more.

Hedy
Hedy · Staff Editor
Hedy is an editor of AOMEI Technology. She is very good at solving problems of partition management, and she wants to share all the problems she had already solved to users who met the same questions.

Related Articles

[Easy Guide] How to Turn Off BitLocker on Server 2012

In this guide, you’ll learn how to turn off BitLocker on Server 2022. You can also know to effectively manage BitLocker on Windows Server 2012 without extra steps like turning it off.

3 Ways to Download Windows Server 2022 ISO [Easiest Way included]

How to download Windows Server 2022 ISO and install it without any hassles? If you can’t figure out how to get it done, luckily, this post will provide the best and easiest way for Server 2022 ISO download.

What’re Microsoft Windows Server 2022 Requirements?

What’re Windows Server 2022 minimum requirements for your computer’s hardware? In this post, detailed information about the requirements will be given and meanwhile, a third-party disk manager will help you install Server 2022 more easily.

Windows Server 2019 or 2016 C Drive Full – Solve it Easily

When C drive in Windows Server 2022, 2019, 2016 or 2012 (R2) is full, you can remove unnecessary files from C drive or extend C drive.