- Encryption
- BitLocker
- Hardware
Bitlocker integration with AD
Hi Experts,
I am new to Bitlocker and we are now in a pilot phase of encrypting all corporate devices using Bitlocker integrated with AD for recovery information. Everything is working well but there are few PCs that already had Bitlocker enabled and when I move them to the OU where GPO for AD integration is applied, the recovery password does not show up in the BitLocker Recovery tab in the PC's properties in AD.
Any idea how we can get that fixed ? Do we have to disable bitlocker and then reencrypt it ?
I am new to Bitlocker and we are now in a pilot phase of encrypting all corporate devices using Bitlocker integrated with AD for recovery information. Everything is working well but there are few PCs that already had Bitlocker enabled and when I move them to the OU where GPO for AD integration is applied, the recovery password does not show up in the BitLocker Recovery tab in the PC's properties in AD.
Any idea how we can get that fixed ? Do we have to disable bitlocker and then reencrypt it ?
You don't have to re-encrypt. Just deploy a batch by means of an immediate scheduled task that you place in the group policy preference section.
It would go
for the c: drive.
It would go
for /f "tokens=1,2" %%a in ('manage-bde -protectors -get C: -Type recoverypassword ^| findstr ID') do manage-bde -protectors -adbackup c: -id %%b
for the c: drive.
Explore More Content
Explore More ContentExplore courses, solutions, and other research materials related to this topic.
-
![]()
received a Solution
Bitlocker - fTPM vs. dTPM - explaining differences when it comes to changing mainboards -
![]()
wrote an Article
![]()
How to manually pre-provision Bitlocker
-
![]()
created a Video
![]()
PDF Encrypted Email
-
Explore Cloud Class® ![]()
Certification: MCSE Microsoft Certified Systems Engineer - Configuring and Deploying a Private Cloud with System Center 2012 R2
Premium Content
You need an Expert Office subscription to comment.Start Free Trial