BitLocker, How to recover BitLocker key using Active Directory Users and Computers

Overview

BitLocker is a Windows-specific disk encryption scheme. Keys can be stored and retrieved from Active Directory using a common program available on Windows systems.

For a user's personal device that is not domain-joined, please have them login to the Microsoft 365 Devices portal, have them select their device, then select 'View Bitlocker Keys'.

Systems

Windows Computers

Intended Audience

University of Illinois IT Pros leveraging Active Directory to store BitLocker keys

General Information

This article describes the steps an IT Pro can take to recover a BitLocker key stored in Active Directory.

You will need

Steps

  1. Find the AD computer object representing the machine using Active Directory Users and Computers.

  2. Right-click on the computer object, select Properties
    Open the computer object properties

  3. Select the BitLocker Recovery tab

  4. Identify the correct recovery password using the Password ID which should match the BitLocker prompt on the workstation.
    Navigate to the BitLocker Recovery tab


Contact the EPS team



Keywords:
ADUC encryption Windows "active directory users and computers" "active directory users & computers" BitLocker 
Doc ID:
81568
Owned by:
Active D. in University of Illinois Technology Services
Created:
2018-04-11
Updated:
2024-05-06
Sites:
University of Illinois Technology Services