Automatically add BitLocker recovery key to Active Directory via Group Policy start up script

This can be achieved by using the below PowerShell script as a Computer start up script to automatically add the machine recovery key into Active Directory

$keyID = Get-BitLockerVolume -MountPoint c: | select -ExpandProperty keyprotector |
where {$_.KeyProtectorType -eq ‘RecoveryPassword’}
Backup-BitLockerKeyProtector -MountPoint c: -KeyProtectorId $keyID.KeyProtectorId

If you found this article helpful, would you consider buying me a Coffee?