We are in the process of upgrading our clients to Windows 7 x64. All notebooks have BitLocker encryption enabled as part of the build Task Sequence in MDT.
We just realised today that a large number of notebook clients (200+) have been encrypted whilst in the wrong OU in Active Directory. Therefore they have not received the BitLocker GPO telling them only to encrypt if they can save their Recovery Key to AD. The BitLocker Recovery tab for most of these computers is empty.
Is there any way I can save the BitLocker Recovery information to AD after the client has been encrypted?
I really need to script this and run it remotely due to the number of clients already out there with encryption enabled.
I found some info in a blog post here...
and tried to push the script via SCCM. It ran successfully but no info appeared in AD.