Macrium Reflect

Discussion in 'backup, imaging & disk mgmt' started by Stigg, Nov 23, 2013.

  1. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,305
    I have not used Bitlocker before, not sure about that. I have enough space as such and while I also prefer a tidier setup, I can ignore these partitions in the future. Main thing I was concerned was how to image and if I exclude those from imaging, then at least my images remain more compact and will be done faster. I just did not want to find out too late that something was missing when I needed to rebuild.
     
  2. Hadron

    Hadron Registered Member

    Joined:
    Apr 1, 2014
    Posts:
    1,779
    I understand that, Brian.
    But isn't that a single OS computer?
     
  3. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    761
    Location:
    US
    Partition #4 contains the factory image that can be restored if desired. Partition #5 is the Dell SupportAssist partition, which might include the application to actually perform that restore and/or tools to allow Dell to perform remote troubleshooting sessions even if your main Windows partition isn't bootable. But I've never used either of those myself, so I'm not sure.

    But if it were my PC and I didn't want to completely erase the drive and start with a fresh Microsoft-based install rather than Dell's baseline, then I would do the following:

    - Use diskpart to delete the remaining two partitions (you might need "delete partition override" for that)
    - Use Reflect to capture an image of at least the WinRE partition, if not the whole disk.
    - Use diskpart to delete the WinRE partition (will definitely need "delete partition override")
    - Extend the C partition to an amount that will fill the rest of the disk except for the amount you'll need to restore the WinRE partition
    - Restore the WinRE partition to the end of the disk

    Of course there are a variety of tools you could use to accomplish the above, including tools that will shift live partitions around, but this being a Reflect forum, I figured I'd select a method that only used Reflect and a tool built into Windows.
     
  4. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    761
    Location:
    US
    Ok, so about BitLocker. That unexpected BitLocker presence is something that started out as a good idea but has become a nightmare to due implementation. Basically, Dell and other vendors are now shipping systems with BitLocker pre-staged, i.e. with the disk encrypted but BitLocker kept in a suspended state so that it works like a regular partition. If you choose to link your Windows user account to your Microsoft account -- which with Windows 11 Home will be a requirement, apparently -- then your BitLocker Recovery Key is backed up to your Microsoft account and BitLocker is fully enabled, which happens instantaneously due to the pre-staging. The problem is that at least with Windows 10, NONE of that is communicated to the user. It all happens in the background There's no popup dialog saying, "Hey, we're about to enable BitLocker encryption to protect your data. Normally you'll never notice it, but under certain circumstances you may need to provide a Recovery Key to unlock your drive. If that happens, here is where to find it. And if you want to back it up elsewhere, we're displaying it right now so you can do that." And even the BitLocker Recovery Key prompt that it appears when it's required doesn't expressly suggest checking your Microsoft account. As a result, some users have panicked a bit when they see this, especially after they do NOT find it in their MS account. Some of those people ultimately found their key in an old MS account they'd forgotten about or even in spouse's accounts after they used the system. Others I've worked with never ended up finding theirs and ended up wiping their disk. So it's a bit of a mess. I hope Windows 11 has made this process more obvious, but I'm not sure.

    Anyhow, if you want to use BitLocker, then back up that Recovery Key. If you don't, then turn it off. If you're running Windows Home rather than Pro and therefore don't have access to the regular BitLocker management interface, use the "manage-bde" command line tool to disable it or view your Recovery Key and fully enable it. (Fun fact: That can be used on Win10 Home to fully enable BitLocker without having to link your Windows account to your MS account.)
     
  5. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,305
    :sick: - wow, that's not what I expected and I appreciate your advice. I did use my ms account for this and there was no reference to bitlocker made at any stage, nor did I notice anything during reboots or otherwise. Guess I need to get myself informed on what Bitlocker actually does and how it may affect me. More importantly, I need to get the recovery key and store is safely.
     
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,420
    Location:
    Under a bushel ...
    About a year ago I had an issue with a WU feature update to Win 10 Pro v2004.
    Turning off BitLocker resolved the issue.
    Unless I was actively going to use it on a new computer, I would turn it off.
     
  7. faircot

    faircot Registered Member

    Joined:
    May 17, 2012
    Posts:
    226
    Location:
    UK
    I've got a small but annoying problem. I created a file and folder backup to supplement the regular imaging backups I have and that worked well.
    However, I decided I didn't need this new file backup and deleted it from Macrium. I now keep getting the attached message. I've searched for the xml file and any reference to Macrium and this file, including Windows scheduler and the registry but can't find where this message originates.
    Any suggestions appreciated.
     
  8. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    761
    Location:
    US
    BitLocker is whole disk encryption, so it has value. But yes if you don't know where your Recovery Key is when you need it, then it's not so great. If you want to see your Recovery Key and are running Windows Home, run "manage-bde -protectors -get C:". The 48-digit string at the bottom of the Numerical Password protector info is your Recovery Key -- NOT the GUID that is encased in braces/curly brackets.

    In its default mode, BitLocker on a Windows partition stores an unlock key in your TPM. The reason your system can boot without you providing a password or anything else is because the TPM releases the unlock key. But it only does that if the system state passes a "platform integrity check" to ensure that nothing about the hardware or firmware environment has changed that could signify an attempt to compromise the key. If the integrity check fails, then the TPM won't release the key, and you'll be prompted to provide the Recovery Key instead. On some systems, a BIOS update counts as a change that would break that check -- which is why some people have found themselves locked out of their system after a BIOS update because they didn't know where their Recovery Key, because they didn't realize that BitLocker had even been enabled on their system. In cases where this prompt appears due to a failed platform integrity check, entering the Recovery Key once causes the TPM to "re-seal" to the new hardware/firmware environment and trust it going forward. But other cases where you might see a Recovery Key prompt include situations where the TPM no longer has the key at all, such as after a motherboard replacement or after clearing the TPM, either deliberately or (at least on some systems) after installing a TPM firmware update. Those firmware updates became rather popular leading up to Windows 11, since it requires TPM 2.0 by default and some system models had TPMs that could be upgraded from 1.2 to 2.0 via firmware.

    Anyway, yes I would recommend making sure you know where your Recovery Key is stored, in your Microsoft account and/or anywhere else you want to store it. Either that, or disable BitLocker.
     
    Last edited: Oct 27, 2021
  9. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    761
    Location:
    US
    Go to the Scheduled Backups tab and delete the scheduled task that's trying to call that file. If you're using Macrium Task Scheduler, you won't find that task in Windows Task Scheduler.

    Also, I'd suggest editing your screenshot attachment so that it doesn't show your Reflect license key at the bottom of the log.
     
  10. faircot

    faircot Registered Member

    Joined:
    May 17, 2012
    Posts:
    226
    Location:
    UK
    Ahhhh! I thought I'd deleted the task from Task Scheduler - but obviously not. Thanks you for the heads up. Attachment deleted.
     
  11. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,305
    Jphughan, thank you very much for your clear explanation - very helpful. I have secured my key and now not only have it via the account but also stored safely externally. As in daily usage the encryption is not noticeable and given it's a laptop loss or theft is more likely than for a desktop, I think I will leave Bitlocker on.
     
  12. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,305
    Paulderdash, what do you mean by "actively using"? It's the first time I have come across this feature on any of my pc or laptops but apart from the fact that it got "installed" by stealth, I don't see any problems in having it (yet). It does not require me
    to do anything different when using my laptop and my understanding is that in case of losing the device or having it stolen, my personal data is much better protected.
     
  13. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,420
    Location:
    Under a bushel ...
    I was just adding on to jphughan's comment #9604 (esp. last paragraph).
    I found it curiously caused Windows update issues for me in the past, until I turned it off, so I prefer to do just that.
    But having secured your key, and if you have no issues, no problem.
    Should you encounter similar issues for any reason, turning off BitLocker would be one thing to try.
     
  14. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,291
    Location:
    Among the gum trees
    I just got a pop up from MRv8
     
  15. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,595
    Thanks, @Krusty. Got v8.0.6350 via internal updater a couple of minutes ago. Reboot required.
     
  16. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,291
    Location:
    Among the gum trees
    :thumb: Thanks for the heads-up about the required restart. Haven't quite got there yet but I'm on it.
     
  17. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,291
    Location:
    Among the gum trees
    I'm only using the free version. No prompt to restart here x 2 machines.
     
  18. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,774
    Location:
    USA
    I had to restart. Paid version but not sure why that would matter. I assume it's the same installer.
     
  19. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,291
    Location:
    Among the gum trees
    Yeah, dunno. Maybe there is a component in the Pro version that isn't included in the Free version?

    I did restart anyway, just in case.
     
  20. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,934
    Thanks @Krusty just installed the update and I did have to reboot. I am on version 8 paid.
     
  21. jphughan

    jphughan Registered Member

    Joined:
    May 3, 2018
    Posts:
    761
    Location:
    US
    Image Guardian and CBT both have updates in this release. Both are drivers, and Reflect Free has neither. I had Image Guardian but not CBT installed and got a restart prompt.

    It appears there is a breaking bug in 8.0.6350 that prevents Reflect from making encrypted backups. Not an issue for Free users and maybe not for some paid users, but fyi. Multiple reports on the Macrium forum, including one confirmation from yours truly. The only item in the release notes relating to passwords is "viBoot incorrectly checking password encrypted image files during VM creation. This has been resolved," but maybe that broke something somehow? Whatever the cause, I have a feeling there will be another update in the next 24 hours or so.
     
  22. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    881
    Location:
    Lunar module
  23. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    881
    Location:
    Lunar module
    The developers have done a great job, the program will get even more fans thanks to such a massive localization
    4.png
    Many users only use bootable media, without installing the program to the system. It would be a big plus to create Macrium Shell Extension to mount backups in Explorer when Macrium Reflect is not installed.
    P.S. such exist for Acronis True Image.
     
  24. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    496
    Location:
    italy
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,291
    Location:
    Among the gum trees
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.