Configure Active Directory to Store BitLocker Recovery Keys

Please refer to this video for now: https://youtu.be/vcjCj2JPDig


This page will be updated soon…

This demonstration uses Windows Server 2022 and Windows 11 Professional, but the principles are the same for Windows Server 2012 through 2022 (Windows Server 2022 / 2019 / 2016 / 2012). There are only minor settings/GUI differences among most of the previous versions of Windows Server. The BitLocker feature add-on for previous Windows Server versions may not prompt you to add the required components when installing it. Please refer to the video for more information. The enforced GPO settings will work on Windows 11, 10 and previous versions of client operating systems connected to the domain Active Directory.

PowerShell Cmdlets

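# Read the key protectors on C:, then back up the protector at index 1 to AD DS.
# This assumes the recovery password is the second protector in the list (for example, after the TPM protector).
$BLV = Get-BitLockerVolume -MountPoint "C:"
Backup-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $BLV.KeyProtector[1].KeyProtectorId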
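
The two cmdlets above select the key protector by its position in the list. The script below is an added example, not taken from the original page or video: it selects recovery password protectors by type on every BitLocker volume, backs each one up to AD DS, and reports volumes that have nothing to escrow. The variable names and result strings are illustrative, and it assumes an elevated session on a domain-joined client where the GPO from this guide has already applied.

```powershell
#Requires -RunAsAdministrator
# Added example: back up every recovery password protector on every
# BitLocker volume to AD DS, selecting by KeyProtectorType instead of
# relying on the protector's index in the list.

$results = foreach ($volume in Get-BitLockerVolume) {
    # Only recovery password protectors can be backed up with this cmdlet.
    $recovery = @($volume.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

    if ($recovery.Count -eq 0) {
        # Unencrypted volume, or encrypted without a recovery password.
        [pscustomobject]@{
            MountPoint     = $volume.MountPoint
            KeyProtectorId = $null
            Result         = 'No recovery password protector'
        }
        continue
    }

    foreach ($protector in $recovery) {
        try {
            Backup-BitLockerKeyProtector -MountPoint $volume.MountPoint `
                -KeyProtectorId $protector.KeyProtectorId `
                -ErrorAction Stop | Out-Null
            $status = 'Backed up to AD DS'
        }
        catch {
            # For example: the policy has not applied yet, or no domain
            # controller is reachable from this client.
            $status = "Failed: $($_.Exception.Message)"
        }
        [pscustomobject]@{
            MountPoint     = $volume.MountPoint
            KeyProtectorId = $protector.KeyProtectorId
            Result         = $status
        }
    }
}

# One row per protector (or per volume with none), for review or logging.
$results | Format-Table -AutoSize
```

A row marked 'No recovery password protector' means there is no recovery key in AD DS for that volume, so check those volumes before relying on AD for recovery.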