windows:client_os:backup_bitlocker_to_ad

Differences

This shows you the differences between two versions of the page.


windows:client_os:backup_bitlocker_to_ad [2019/10/31 09:06] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Backup Bitlocker Recovery Key to AD ======
 +  - Get the ID for the numerical password protector of the volume, in the example below we are using the C: drive. Run the command from an elevated command prompt.
 +  - Use the numerical password protector’s ID from STEP 1 to backup recovery information to AD
 +      - You should now be able to view the recovery information for the volume in the active directory.
 +<code dos>
 +Microsoft Windows [Version 10.0.17763.55]
 +(c) 2018 Microsoft Corporation. All rights reserved.
  
 +C:\WINDOWS\system32>manage-bde -protectors -get c:
 +BitLocker Drive Encryption: Configuration Tool version 10.0.17763
 +Copyright (C) 2013 Microsoft Corporation. All rights reserved.
 +
 +Volume C: [Windows]
 +All Key Protectors
 +
 +    TPM:
 +      ID: {D03DCFF6-61C1-4F29-8097-CDDE7F9DFA3D}
 +      PCR Validation Profile:
 +        7, 11
 +        (Uses Secure Boot for integrity validation)
 +
 +    Numerical Password:
 +      ID: {BF09418F-4DF4-41EA-BC92-68655B933AAA}
 +      Password:
 +        254166-184503-131912-450604-420409-623161-522214-261327
 +
 +
 +C:\WINDOWS\system32>manage-bde -protectors -adbackup c: -id {BF09418F-4DF4-41EA-BC92-68655B933AAA}
 +BitLocker Drive Encryption: Configuration Tool version 10.0.17763
 +Copyright (C) 2013 Microsoft Corporation. All rights reserved.
 +
 +Recovery information was successfully backed up to Active Directory.
 +
 +C:\WINDOWS\system32>
 +</code>
  • windows/client_os/backup_bitlocker_to_ad.txt
  • Last modified: 2019/10/31 09:06
  • by 127.0.0.1