ERROR: Cannot shrink the filesystem
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
I have removed my laptop's hd and connected it to my workstation via USB case. The disk has 2 partitions. One has windows, other has files. I want to encrypt the whole disk.
Veracrypt does not let me select device but it allows me to select the partition that windows is installed. Its 111GB size and 30GB free.
I select :
and after a few moments i get an error "The parameter is incorrect"
ERROR: Cannot shrink the filesystem
You want to encrypt your data in-place preserving your data. Since your disk has two partitions, you have to encrypt each partition separately.
In-place encryption is supported for NTFS filesystem only and prior to starting encryption, the filesystem must be shrank to put all data at the beginning of the drive and leave free space at the end of the drive. This is important in order to be able to handle the in-place encryption correctly.
NTFS shrinking is done by calling a native Windows function that performs the operation for us. It is this function that returns an error in your case.
You can find more detailed information about the error by going to Windows Event Viewer and looking for the error entry logged at the same time as the error message. You can post the information here so that it can be analyzed.
There are cases where an NTFS volume can't be shrank as explained in this link: http://www.undermyhat.org/blog/2010/08/tip-how-to-shrink-a-volume-beyond-half-its-size-using-diskpart-or-disk-manager/
Basically, there can be unmovable NTFS files that makes the shrink operation impossible. Since this partition was a Windows partition, it is likely that these are system files.
Without the shrink operation, in-place encryption can't take place. Thus it is possible that you'll only be able to encrypt the other partition which is a simple data partition.
Hello Saimon,
You cannot perform the system encryption (the partition with the Windows OS) via another machine.
You will need to perform the Windows OS system encryption on your laptop which has a different procedures than encrypting non-system partitions. Click on System at the top of the main menu and select Encrypt system partition/drive option and follow the prompts.
After the system encryption is completed, you can encrypt the non-system partition (data) and use the same password as the when you encrypted the OS. Then you can mount the second partition when you enter the password for the bootloader screen by using the System Favorites.
https://veracrypt.codeplex.com/wikipage?title=System%20Favorite%20Volumes
If your Windows OS on the laptop is not using UEFI and does not have the Windows System Reserve partition which does not have a drive letter which you can view it in Disk Management and there are no other partitions provided by the manufacturer like OS recovery/install or troubleshooting partitions, you can encrypt the entire drive. Otherwise, only encrypt the OS partition on your laptop using the System Encryption option. Later, you can encrypt the non-system partition (data) using the same password as the OS partition to mount at boot-up using System Favorites.
Kind Regards.
Last edit: Enigma2Illusion 2015-04-23
Ah, thanks for your replies. Didnt know you couldnt encrypt windows partitions from another O.S!
I will try your recommendations!