bitLocker GPO best practice settings

Hi,

We've enabled machines to be able to store TPM information in AD, run the add-tpm script, and would now like to configure the BitLocker GPO according to some sort of best practice reference. Ideally, we would like to store a recovery password in AD. Any ideas where we can get hold of one?

Thanks!
rookie_bAsked:
Who is Participating?
 
Tony JLead Technical ArchitectCommented:
Have you read the following best practices guides from MS?

http://technet.microsoft.com/en-us/library/dd875532(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/jj592683.aspx

As for storing the recovery password in AD - there are some step-by-step steps here:

http://technet.microsoft.com/en-us/library/dd875529(v=ws.10).aspx

They also provide the scripts you need to run to achieve what you're trying to do.
0
 
rookie_bAuthor Commented:
Excellent!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.