Automatically add BitLocker recovery key to Active Directory via Group Policy start up script

This can be achieved by using the PowerShell script below as a computer startup script, which automatically adds the machine's recovery key to Active Directory.

# Find the RecoveryPassword protector(s) on C: and back each one up to Active Directory
$keyID = (Get-BitLockerVolume -MountPoint 'C:').KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
foreach ($key in $keyID) {
    Backup-BitLockerKeyProtector -MountPoint 'C:' -KeyProtectorId $key.KeyProtectorId
}
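
A more defensive variant of the same startup script, added here as an example and not part of the original article: it copes with a volume that has no recovery password protector or has several, and records the outcome of each backup. The log file path and the Write-Log helper are assumptions.

```powershell
# Added example: startup-script variant with error handling and logging.
$ErrorActionPreference = 'Stop'

# Computer startup scripts run as SYSTEM with no console, so write results to a file.
# The log path is an assumption; pick a location that suits your environment.
$logFile = Join-Path $env:ProgramData 'BitLockerAdBackup.log'

function Write-Log {
    param([string]$Message)
    Add-Content -Path $logFile -Value ('{0:u} {1}' -f (Get-Date), $Message)
}

try {
    $volume = Get-BitLockerVolume -MountPoint $env:SystemDrive
} catch {
    Write-Log "Get-BitLockerVolume failed: $($_.Exception.Message)"
    exit 1
}

if ($volume.VolumeStatus -eq 'FullyDecrypted') {
    Write-Log "$($volume.MountPoint) is not encrypted; nothing to back up."
    exit 0
}

# @() forces an array so .Count is reliable for zero, one or many protectors.
$protectors = @($volume.KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
if ($protectors.Count -eq 0) {
    Write-Log "$($volume.MountPoint) has no RecoveryPassword protector."
    exit 1
}

$failed = 0
foreach ($protector in $protectors) {
    try {
        Backup-BitLockerKeyProtector -MountPoint $volume.MountPoint `
            -KeyProtectorId $protector.KeyProtectorId | Out-Null
        # Log only the protector ID, never the recovery password itself.
        Write-Log "Backed up protector $($protector.KeyProtectorId) for $($volume.MountPoint)."
    } catch {
        $failed++
        Write-Log "Backup failed for $($protector.KeyProtectorId): $($_.Exception.Message)"
    }
}

# A non-zero exit code signals that at least one protector was not backed up.
exit $failed
```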
