Find Bitlocker Key In Active Directory 【Web Authentic】

Since Windows Server 2008 and Windows Vista, Microsoft has allowed BitLocker recovery information to be escrowed directly into AD. Here is your definitive guide to finding that key.

The IT Pro’s Lifesaver: How to Find the BitLocker Recovery Key in Active Directory (and Why You Should Be Storing Them There) find bitlocker key in active directory

If you have legacy systems or the BitLocker tab is missing, you can use ADSI Edit (adsiedit.msc). Navigate to the computer’s DN, look for child objects of class msFVE-RecoveryInformation . The msFVE-RecoveryPassword attribute is the raw key. Since Windows Server 2008 and Windows Vista, Microsoft

Next time you see that black recovery screen, don't panic. Open dsa.msc , turn on Advanced Features, and save the day. Navigate to the computer’s DN, look for child

You can find the key without leaving your terminal. Run this from a Domain Controller or a machine with the AD module installed.

# Import the AD module Import-Module ActiveDirectory $ComputerName = "LAPTOP-JSMITH" $Computer = Get-ADComputer -Identity $ComputerName -Properties * Retrieve the BitLocker recovery password Get-ADObject -Filter {objectclass -eq 'msFVE-RecoveryInformation'} -SearchBase $Computer.DistinguishedName -Properties 'msFVE-RecoveryPassword'

Note: Look for the msFVE-RecoveryPassword field in the output. That is your key.