I am testing Bitlocker on Windows 7 Ultimate in a Windows 2008 R2 domain. I enabled bitlocker on 1 laptop to test; however, the bitlocker recovery key is not visible in RSAT.
I set a GPO.
Store BitLocker recovery information in Active Directory Domain Services(Windows Server 2008 and Windows Vista) Enabled
Require BitLocker backup to AD DS Enabled
If selected, cannot turn on BitLocker if backup fails (recommended default).
If not selected, can turn on BitLocker even if backup fails. Backup is not automatically retried.
Select BitLocker recovery information to store: Recovery passwords and key packages
A recovery password is a 48-digit number that unlocks access to a BitLocker-protected drive.
A key package contains a drive's BitLocker encryption key secured by one or more recovery passwords
Key packages may help perform specialized recovery when the disk is damaged or corrupted.
I moved the computer account in the OU with the linked GPO.
Refreshed GP, logged in, enabled bitlocker, no recovery key.
What am I missing?