BitLocker integration with AD

Exchange User
Hi Experts,

I am new to BitLocker and we are now in a pilot phase of encrypting all corporate devices using BitLocker integrated with AD for recovery information. Everything is working well, but there are a few PCs that already had BitLocker enabled, and when I move them to the OU where the GPO for AD integration is applied, the recovery password does not show up in the BitLocker Recovery tab in the PC's properties in AD.

Any idea how we can get that fixed? Do we have to disable BitLocker and then re-encrypt it?

Distinguished Expert 2019
You don't have to re-encrypt. Just deploy a batch by means of an immediate scheduled task that you place in the group policy preference section.
It would go

for /f "tokens=1,2" %%a in ('manage-bde -protectors -get C: -Type recoverypassword ^| findstr ID') do manage-bde -protectors -adbackup c: -id %%b

for the c: drive.
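
The same backup using the BitLocker PowerShell module, generalized from the C: drive to every BitLocker volume on the PC. This is an added example, not part of the original answer; it assumes the script runs elevated (for instance as SYSTEM from the immediate scheduled task) on a domain-joined PC that has already received the AD-backup GPO.

```powershell
#Requires -RunAsAdministrator
# Added example: escrow every existing BitLocker recovery password to AD
# without decrypting or re-encrypting anything.
# Only protector IDs are reported; the recovery passwords themselves are
# never written to the console or to a log.

$results = foreach ($vol in Get-BitLockerVolume) {
    # Fully decrypted volumes have nothing to escrow.
    if ($vol.VolumeStatus -eq 'FullyDecrypted') { continue }

    # A volume can carry several protectors (TPM, PIN, ...); only the
    # numerical recovery passwords are backed up to the computer object.
    $recovery = @($vol.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

    if ($recovery.Count -eq 0) {
        [pscustomobject]@{
            MountPoint     = $vol.MountPoint
            KeyProtectorId = $null
            Result         = 'No recovery password protector'
        }
        continue
    }

    foreach ($kp in $recovery) {
        try {
            Backup-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
            $result = 'Backed up to AD'
        } catch {
            # Typical causes: GPO not yet applied, or no domain controller reachable.
            $result = "Failed: $($_.Exception.Message)"
        }
        [pscustomobject]@{
            MountPoint     = $vol.MountPoint
            KeyProtectorId = $kp.KeyProtectorId
            Result         = $result
        }
    }
}

$results | Format-Table -AutoSize

# Non-zero exit code lets the scheduled task history show which PCs need a retry.
if ($results.Result -like 'Failed*') { exit 1 }
```

The KeyProtectorId values in the output can be compared with the entries on the computer object's BitLocker Recovery tab to confirm the backup arrived.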