Skip to Content.
Sympa Menu

ad-assurance - [AD-Assurance] RE: NR,*J*IT edits to cookbook

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

[AD-Assurance] RE: NR,*J*IT edits to cookbook

Chronological Thread 
  • From: Brian Arkills <>
  • To: "" <>
  • Subject: [AD-Assurance] RE: NR,*J*IT edits to cookbook
  • Date: Fri, 28 Jun 2013 18:16:07 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=neutral (message not signed) header.i=none

·         Noting that the use of full disk encryption on DCs running on VMs is not supported by Microsoft

[BA] I've made an edit to appendix C to address the concern I voiced on the call today. It now says:


A potential issue with the use of BitLocker on Domain Controllers arises if you deploy DCs via virtual machines (VMs), as Microsoft does not support BitLocker directly within VMs. However, Microsoft notes that if you BitLocker a HyperV host (i.e. the volumes the guest disks are on), the BitLocker protections are enjoyed by all guest VMs. Microsoft may or may not support other full disk encryption solutions when virtualizing a Domain Controller, so check on support from Microsoft if you run in an alternate configuration.

Archive powered by MHonArc 2.6.16.

Top of Page