Documente Academic
Documente Profesional
Documente Cultură
c
View products that this article applies to.
! This article applies to a different version of Windows than the one you are using. Content in this article
may not be relevant to you.Visit the Windows XP Solution Center
INTRODUCTION
This article describes a new setting in Windows Vista Ultimate and in Windows Vista Enterprise. This setting
helps protect confidential data in a pagefile when BitLocker Drive Encryption (BDE) is enabled.
MORE INFORMATION
The Windows Vista memory-management system includes a feature that automatically manages the system
pagefile. The memory-management system typically puts the pagefile on the same volume as the operating
system (OS). However, if this volume does not have sufficient space, the pagefile may be relocated to
another local volume on which more disk space is available. This relocation may cause data-confidentiality
issues when BDE is used to protect the OS volume. Specifically, information may be disclosed if the
To reduce this threat, BDE automatically creates the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory
Management\PagefileOnOsVolume
This subkey lets you direct the memory-management system to put the pagefile only on the BDE-protected
OS volume. Specifically, if you set this subkey to a value of ", the OS volume is the only volume that the
Session Management Sub System (SMSS) will consider as a location for the pagefile. If there is insufficient
space on the OS volume, SMSS will create a smaller pagefile on this volume.
When BDE is enabled, the setting is automatically created, and it is set to a value
of ". However, BDE will not create the PagefileOnOsVolume registry entry if the following registry subkey is
This functionality gives administrators control over how BDE and the memory-management system manage
the pagefile. We recommend that you enable Encrypting File System (EFS) encryption of the pagefile if the