BitLocker - Automatic Unlocking
I just deployed BitLocker in hopes of having an encrypted drive ready to encrypt backup data to removable storage. Searching the net, I thought I had found what I was looking for: Automatic Unlocking.
I need the drive available via the network even without any administrator logged in. This feature does not do this, and here was my test.
The BitLocker drive is a USB 2.0, two terabyte drive.
The drive has been encrypted with BitLocker.
Auto Unlock has been chosen for the drive.
The drive's letter is I$.
No shares are on this drive.
I rebooted the server, leaving the BitLocker drive attached. The server was completed as far as rebooting, no one logged in. From another server I typed \\server\I$ and nothing ever came up. I typed \\server\c$ and got to the root drive.
I logged onto the BitLocker server, typed \\server\i$ and got to the BitLocker USB drive as the automount feature worked.
I logged off.
I typed \\server\i$ and was STILL able to get onto the BitLocker drive. No one was logged into this server.
So to me this seems somewhat of a design flaw. I have no problem with anyone reading the contents of the drive while in the office. I worry that someone could grab the USB drive thinking they would have all the company data, but not be able to get in, well this was accomplished.
However, NONE of our backup programs would work if they tried to write to this drive from other servers and workstations.
Am I doing something wrong? TrueCrypt also has this problem but worse.
Thanks!
December 1st, 2010 5:11am
I've looked into the command line and that comes close, however several features are not explained at all such as Numerical Password Protector. I was able to lock and unlock the drive via command line but the unlock prompts you for the password which apparently cannot be scripted which I understand.
Last option is to have an autologon to the server with an autologoff script run and start up. What a pain and a potential security breach right there.
December 1st, 2010 5:53am
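
For the case described in the posts above (the data drive must be unlocked with no one logged on), here is an added example that is not part of the original thread: a startup script that unlocks the volume with an external key (.bek) file instead of a prompted password. The drive letter I: comes from the post; the key folder C:\BdeKeys and running the script as a SYSTEM scheduled task at startup are assumptions.

```powershell
# Added example, not from the original thread.
# Assumptions: data drive I: (from the post); key folder C:\BdeKeys (hypothetical).
# One-time setup from an elevated prompt:
#   manage-bde -protectors -add I: -RecoveryKey C:\BdeKeys
#   icacls C:\BdeKeys /inheritance:r /grant:r "SYSTEM:(OI)(CI)F" "Administrators:(OI)(CI)F"
# Then register this script as a scheduled task that runs as SYSTEM at startup.

$Drive  = 'I:'
$KeyDir = 'C:\BdeKeys'

function Get-LockState {
    # Parses "Lock Status: Locked|Unlocked" from manage-bde (English output assumed).
    $out = & manage-bde.exe -status $Drive 2>&1 | Out-String
    if ($LASTEXITCODE -ne 0)                  { return 'Missing' }   # drive not attached
    if ($out -match 'Lock Status:\s+Locked')  { return 'Locked' }
    return 'Unlocked'
}

$state = Get-LockState
if ($state -eq 'Missing')  { Write-Error "$Drive is not attached or is not a BitLocker volume."; exit 2 }
if ($state -eq 'Unlocked') { Write-Output "$Drive is already unlocked."; exit 0 }

# .bek files are created hidden and system, so -Force is needed to list them.
$keys = @(Get-ChildItem -Path $KeyDir -Filter *.bek -Force -ErrorAction SilentlyContinue)
if ($keys.Count -eq 0) { Write-Error "No .bek key file found in $KeyDir."; exit 3 }

foreach ($key in $keys) {
    # Unlock with the external key file; no password prompt is involved.
    & manage-bde.exe -unlock $Drive -RecoveryKey $key.FullName | Out-Null
    if ($LASTEXITCODE -eq 0 -and (Get-LockState) -eq 'Unlocked') {
        Write-Output "$Drive unlocked with $($key.Name)."
        exit 0
    }
}

Write-Error "None of the key files in $KeyDir unlocked $Drive."
exit 1
```

The key file then lives on the server, so this protects the data only against the USB drive being taken on its own, which is the threat described in the first post. Anyone who can read C:\BdeKeys can unlock the drive, so keep the ACL tight and do not copy the key to the removable drive itself.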


