Difference between revisions of "Backup Bitlocker Keys to Active Directory"

From Wiki.CoreyBlair.US
Jump to navigation Jump to search
(Added Proper Citation)
(Added introduction and changed first steps on running cmd as admin)
 
Line 1: Line 1:
*Press Windows key + X
+
The following instructions can be used to force a supported Microsoft Windows operating system to backup its encryption key to Active Directory for safe keeping. Please note that if you have setup bitlocker GPOs with existing encrypted devices already in production, you will need to run this command on those existing endpoints.
*Click "Command Prompt '''(admin)'''"
+
*Press Windows key to show the start menu & type "cmd" to bring up a search for Windows Command Prompt
 +
*Right click Windows Command Prompt and select '''"Run as Administrator"'''
 
*Enter the following command:
 
*Enter the following command:
 
::<code>manage-bde -protectors -get c:</code><ref name="jack" />
 
::<code>manage-bde -protectors -get c:</code><ref name="jack" />

Latest revision as of 14:27, 1 December 2017

The following instructions can be used to force a supported Microsoft Windows operating system to backup its encryption key to Active Directory for safe keeping. Please note that if you have setup bitlocker GPOs with existing encrypted devices already in production, you will need to run this command on those existing endpoints.

  • Press Windows key to show the start menu & type "cmd" to bring up a search for Windows Command Prompt
  • Right click Windows Command Prompt and select "Run as Administrator"
  • Enter the following command:
manage-bde -protectors -get c:[1]
  • From here you should copy the "Numerical Password ID with the brackets"
Example of Step 3. Keys have been blurred on purpose
  • Enter the following command with numerical ID from above inserted
manage-bde -protectors -adbackup c: -id {yourNumbericalPassword}[1]
  • You should see that your key was successfully backed up to Active Directory
Example of Step 6. Key Number has been blurred on purpose

References

  1. 1.0 1.1 Jack Stromberg, jackstromberg.com, February 4, 2015