Wednesday, November 15, 2017

What Is the System Reserved Partition and Can You Delete It?

Windows 7, 8, and 10 create a special “System Reserved” partition when you install them on a clean disk. Windows doesn’t normally assign a drive letter to this partition, so you’ll only see it when you use Disk Management or a similar utility.
The System Reserved partition was introduced with Windows 7, so you won’t find it on previous versions of Windows. The partition is also created on Windows Server 2008 R2 and newer Server versions of Windows.

What Does the System Reserved Partition Do?

The System Reserved partition contains two important things:
  • The Boot Manager and Boot Configuration Data: When your computer starts, the Windows Boot Manager reads the boot data from the Boot Configuration Data (BCD) Store. Your computer starts the boot loader off of the System Reserved partition, which in turn starts Windows from your system drive.
  • The startup files used for BitLocker Drive Encryption: If you ever decide to encrypt your hard drive with BitLocker drive encryption, the System Reserved partition contains the necessary files for starting your computer. Your computer boots the unencrypted System Reserved partition, and then decrypts the main encrypted drive and starts the encrypted Windows system.
The System Reserved partition is essential if you want to use BitLocker drive encryption, which can’t function otherwise. Important boot files are also stored here by default, although you could store them on the main Windows partition if you preferred.
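The two roles described above can be checked on a running machine. The following PowerShell script is an added example, not code from the original article: it lists the partitions of the boot disk, picks out the one that matches the article's description of System Reserved (no drive letter, well under 1 GB, flagged active or system), and asks the BCD store where the boot manager actually lives. It assumes an elevated prompt on Windows 8/10 or Server 2012 and later, where the Storage module's Get-Disk and Get-Partition cmdlets and bcdedit are available; the size and flag heuristic is my own, not something the article states.

```powershell
# Added example (not from the article): locate the System Reserved partition
# and show that the boot manager entry in the BCD store points at it.
# Assumes an elevated PowerShell prompt with the Storage module (Windows 8+/2012+).

# 1. Find the disk Windows booted from.
$bootDisk = Get-Disk | Where-Object { $_.IsBoot -or $_.IsSystem } | Select-Object -First 1
if (-not $bootDisk) { throw "Could not identify the boot disk." }

# 2. List its partitions with the properties that matter here.
$parts = Get-Partition -DiskNumber $bootDisk.Number
$parts | Select-Object PartitionNumber, DriveLetter,
    @{ n = 'SizeMB'; e = { [math]::Round($_.Size / 1MB) } },
    Type, IsActive, IsBoot, IsSystem | Format-Table -AutoSize

# 3. Heuristic (mine, not the article's): no drive letter, under 1 GB and
#    marked active (MBR) or system (GPT, where the EFI System Partition plays
#    the same role). DriveLetter is a [char]; unassigned shows as $null or [char]0.
$reserved = $parts | Where-Object {
    $letter = "$($_.DriveLetter)".Trim([char]0)
    [string]::IsNullOrEmpty($letter) -and $_.Size -lt 1GB -and ($_.IsSystem -or $_.IsActive)
} | Select-Object -First 1

# 4. Ask the BCD store where the Windows Boot Manager is stored. With no drive
#    letter assigned the device shows as partition=\Device\HarddiskVolumeN;
#    if the boot files were put on the Windows partition it shows partition=C:.
$bootmgr = bcdedit /enum '{bootmgr}'
$deviceLine = ($bootmgr | Select-String -Pattern '^device' | Select-Object -First 1).Line
"Boot manager device: $deviceLine"

if ($reserved) {
    $mb = [math]::Round($reserved.Size / 1MB)
    "System Reserved partition: disk $($bootDisk.Number), partition $($reserved.PartitionNumber), $mb MB"
    "Deleting it removes the boot manager and the unencrypted startup files BitLocker boots from."
} else {
    "No System Reserved partition found; the boot files live on the Windows partition."
}
```

Comparing the `device` line with the partition table is the quick way to confirm that the boot manager really does sit on the letterless partition before anyone considers removing it.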

When Windows Creates the System Reserved Partition

The System Reserved partition consumes 100 MB of space on Windows 7, 350 MB of space on Windows 8, and 500 MB of space on Windows 10. The partition is typically created during the Windows installation process, just before the installer allocates space for the main system partition.

Can You Delete the System Reserved Partition?

You really shouldn’t mess with the System Reserved partition—it’s easiest and safest to just leave it be.
Windows hides the partition by default instead of creating a drive letter for it. Most people never notice they have a System Reserved partition unless they fire up disk tools for other reasons. The System Reserved partition is mandatory if you use BitLocker—or want to use it in the future.

Prevent the System Reserved Partition From Being Created

If you really don’t want this partition on your drive—for whatever reason—the ideal thing to do is prevent it from being created in the first place. Rather than create a new partition in unallocated space from within the Windows installer, you can create a new partition that consumes all unallocated space by using another disk-partitioning tool before running Windows installation.
When it comes time, point the Windows installer at the partition you created. The Windows installer accepts that there’s no room for a System Reserved partition and installs Windows onto a single partition. Bear in mind that you’re still not saving the entire 100 MB, 350 MB, or 500 MB that the partition would have taken. The boot files instead must be installed on your main system partition.
To do this, you’ll need to use a disk-partitioning tool other than the graphical one in the Windows installer. The command-line diskpart tool that ships with the installer qualifies, so you can still do this from within Windows Setup. Just follow these steps:
  • Press Shift+F10 while installing Windows to open a Command Prompt window.
  • Type diskpart into the Command Prompt window and press Enter.
  • Create a new partition in the unallocated space using the diskpart tool. For example, if you have a single drive in the computer and it’s completely empty, you can just type select disk 0 and then create partition primary to select the first disk and create a new partition using the entire amount of unallocated space on the drive.
  • Continue the setup process. Select the partition you created earlier when you’re asked to create a partition.

Remove an Existing System Reserved Partition

It may be possible to remove a System Reserved partition after installing Windows. You can’t just delete the System Reserved partition, though. Because the boot loader files are stored on it, Windows won’t boot properly if you delete this partition.
To delete the System Reserved partition, you first have to move the boot files from the System Reserved partition onto the main Windows system drive. And this is harder than it sounds. It involves messing with the Registry, copying various files between drives, updating the BCD store, and making the main system drive the active partition. On Windows 8, it also involves disabling and then re-enabling the Windows Recovery Environment. You’ll then have to remove the System Reserved partition and enlarge your existing partition to reclaim the space.
All this is possible, and you’ll find various guides on the web that walk you through the process. However, Microsoft does not officially support the technique and we don’t recommend it, either. You’ll gain a very tiny bit of space—less than the few hundred MB used by the System Reserved partition—at the cost of potentially messing up your operating system and losing the ability to use BitLocker drive encryption.
For reference, here’s why you shouldn’t just delete the System Reserved partition. We used the GParted partition editor on an Ubuntu live CD to delete the System Reserved partition, and then made the main Windows system partition bootable with no attempt at copying the boot files. We saw a message saying our Boot Configuration Data was missing, and that we’d have to repair our computer with Windows installation media.
This partition may look like it’s cluttering your drive and wasting space, but it performs important functions and removing it frees up almost no space. It’s best to simply ignore the partition, and if you really don’t want it to be there, prevent it from being created while installing Windows.

Monday, November 6, 2017

Upgrade Windows Server 2012R2 AD to Server 2016

I know that this is not really a good idea, but I had questions on this and wanted to test. I wanted to test an in-place upgrade of a Windows Server 2012 R2 Active Directory domain controller to Windows Server 2016. Yes, I know, it's not really worth it: after a migration the system is often not really “clean”, with all those Microsoft patches accumulated over the years. And also, you usually deploy new hardware, as old hardware might not have drivers compatible with Windows Server 2016.
Yes, we're talking about a physical domain controller (DC), as in real life it's really not worth it to upgrade a virtual machine running 2012 R2 to 2016. Usually, I'd choose the second option, which is to install Windows Server 2016 as a member server, add the DC role to it and migrate the AD that way, then “downgrade” the 2012 R2 DC back to a member server before completely decommissioning the system from the domain.
The AD services in Windows Server 2016 brought quite a few new things:
  • Privileged Access Management – This PAM feature helps mitigate security concerns in an AD environment caused by techniques such as pass-the-hash and spear phishing. How it works is very interesting.
  • Azure AD Join – This enhances the identity experience for businesses, with benefits such as SSO, access to organizational resources, MDM integration, etc.
  • Microsoft Passport – Microsoft Passport is a new key-based authentication approach for organizations and consumers that goes beyond passwords. This form of authentication relies on credentials that are resistant to breach, theft, and phishing.
  • Group Membership Expiration – Windows Server 2016 adds support for group membership expiration, allowing you to add a user to a group for a certain period of time. Very interesting indeed for people you want to give access for a limited time period only.
But as I said, I was curious, as I hadn't tried this just yet. So one of my lab DCs, which runs as a VM (not physical), will be migrated this way. Currently the VM has the Active Directory Domain Services role installed. I think it also holds all 5 FSMO roles, as I did not bother to separate the roles and spread them out to my other DC, which is also running 2012 R2. OK, let's get into the lab and upgrade a Windows Server 2012 R2 domain controller to Windows Server 2016 with the AD services in place.

How to Upgrade Windows Server 2012R2 AD to Server 2016 – The steps

The process starts with mounting the ISO and executing setup.exe. The installer proposes to download the latest updates, then asks you to select the image you want to install.
Upgrade Windows Server 2012R2 DC to Windows Server 2016
Then we'll get a message saying “Active Directory on this domain controller does not contain Windows Server ADPREP /FORESTPREP updates.” Our Windows 2016 ISO image is still attached, so from a Command Prompt we switch to its drive letter and run adprep from the support folder:
E: (our CD-ROM drive letter)
cd \support\adprep
adprep.exe /forestprep
You'll need to press the letter “c” on your keyboard to confirm the command.
Once finished, rinse and repeat with the domain-level preparation:
adprep.exe /domainprep
and again confirm by pressing the “c” letter on your keyboard. Once done, you can click the Finish button to start the upgrade process.
Upgrade Windows Server 2012R2 Domain Controller
The installer then upgrades Windows Server 2012 R2 to Windows Server 2016 while preserving our Active Directory (AD) services. During the process the system rebooted once (in my case).
Then we simply check that we can successfully login and that our AD is still there.
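A quick way to confirm that both adprep steps actually took, and to see which FSMO roles the DC being upgraded holds, is to read the values adprep writes into the directory. The script below is an added example of mine, not part of the original post or of any Microsoft tooling. It assumes the ActiveDirectory PowerShell module (RSAT-AD-PowerShell) on a domain-joined machine. The forest schema objectVersion values are the ones Microsoft publishes per release (69 for 2012 R2, 87 for 2016); the domain-level revision numbers (10 after 2012 R2 domainprep, 15 after 2016 domainprep) are from memory, so treat them as an assumption and confirm them against Microsoft's adprep documentation before relying on them.

```powershell
# Added example (not from the post): verify adprep /forestprep and
# /domainprep results, list FSMO holders, and check the DCs after the upgrade.
# Assumes the ActiveDirectory module on a domain-joined machine.
Import-Module ActiveDirectory

$rootDse = Get-ADRootDSE

# Forest prep bumps the schema objectVersion; values per Microsoft release notes.
$schemaVersions = @{ 56 = '2012'; 69 = '2012 R2'; 87 = '2016'; 88 = '2019' }
$schema = Get-ADObject -Identity $rootDse.schemaNamingContext -Properties objectVersion
$schemaVer = [int]$schema.objectVersion
$label = if ($schemaVersions.ContainsKey($schemaVer)) { $schemaVersions[$schemaVer] } else { 'unknown' }
"Forest schema objectVersion: $schemaVer (Windows Server $label)"
"adprep /forestprep for 2016 applied: $($schemaVer -ge 87)"

# Domain prep is tracked on CN=ActiveDirectoryUpdate,CN=DomainUpdates,CN=System.
# Expected 'revision': 10 after 2012 R2 domainprep, 15 after 2016 domainprep
# (assumed values from memory; confirm against Microsoft documentation).
$domainUpdateDn = "CN=ActiveDirectoryUpdate,CN=DomainUpdates,CN=System,$($rootDse.defaultNamingContext)"
$domainUpdate = Get-ADObject -Identity $domainUpdateDn -Properties revision
$domainRev = [int]$domainUpdate.revision
"Domain updates revision: $domainRev"
"adprep /domainprep for 2016 applied (assumed threshold 15): $($domainRev -ge 15)"

# FSMO placement: the lab DC in the post holds all five roles, so know which
# box you are about to take through a reboot before starting setup.exe.
$forest = Get-ADForest
$domain = Get-ADDomain
[pscustomobject]@{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    ForestMode           = $forest.ForestMode
    DomainMode           = $domain.DomainMode
} | Format-List

# After the upgrade: confirm every DC still answers and reports its OS version,
# then run the standard health checks.
Get-ADDomainController -Filter * |
    Select-Object Name, OperatingSystem, IsGlobalCatalog, Site |
    Format-Table -AutoSize
dcdiag /q
repadmin /replsummary
```

Run the first part before launching setup.exe and again after the reboot; a schema version still at 69 means forestprep did not complete, which is exactly the state the installer's “does not contain ADPREP /FORESTPREP updates” message reports.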