{"id":14147,"date":"2019-04-19T02:11:07","date_gmt":"2019-04-19T02:11:07","guid":{"rendered":"https:\/\/www.top-password.com\/blog\/?p=14147"},"modified":"2019-04-19T02:15:45","modified_gmt":"2019-04-19T02:15:45","slug":"find-bitlocker-recovery-key-from-active-directory","status":"publish","type":"post","link":"https:\/\/www.top-password.com\/blog\/find-bitlocker-recovery-key-from-active-directory\/","title":{"rendered":"Easy Ways to Find BitLocker Recovery Key from Active Directory"},"content":{"rendered":"<p>BitLocker is prompting for a recovery key and you lost it? <a href=\"https:\/\/www.top-password.com\/blog\/use-gpo-to-save-bitlocker-recovery-key-in-active-directory\/\" target=\"_blank\" rel=\"noopener noreferrer\">Applying the GPO to store BitLocker recovery password in Active Directory<\/a> is a good practice for companies when data security is a concern. In this tutorial we&#8217;ll show you different ways to find BitLocker recovery key\/password from Active Directory or Azure AD.<\/p>\n<p><strong>Method 1: Find BitLocker Recovery Key in AD Using PowerShell<\/strong><\/p>\n<ol>\n<li>Press the Windows key + X and then select &#8220;<strong>Windows PowerShell (Admin)<\/strong>&#8221; from the Power User Menu.\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.top-password.com\/blog\/wp-content\/uploads\/2017\/06\/windows-powershell-admin.png\" alt=\"\" width=\"271\" height=\"613\" class=\"alignnone size-full wp-image-9511\" \/>\n<\/li>\n<li>Copy and paste the following script into the PowerShell console and hit Enter. Substitute &#8220;<em>PCUnlocker<\/em>&#8221; with the name of the computer you want to locate BitLocker recovery key for.\n<p><code>$objComputer = Get-ADComputer PCUnlocker<br \/>\n$Bitlocker_Object = Get-ADObject -Filter {objectclass -eq 'msFVE-RecoveryInformation'} -SearchBase $objComputer.DistinguishedName -Properties 'msFVE-RecoveryPassword'<br \/>\n$Bitlocker_Object<\/code><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.top-password.com\/blog\/wp-content\/uploads\/2019\/04\/powershell-recover-bitlocker-recovery-key-from-ad.png\" alt=\"\" width=\"600\" height=\"391\" class=\"alignnone size-full wp-image-14158\" \/>\n<\/li>\n<li>It will retrieve all details from the &#8216;<strong>msFVE-RecoveryInformation<\/strong>&#8216; objects attached to your target computer. The <strong>msFVE-RecoveryPassword<\/strong> item is the BitLocker recovery key you&#8217;re looking for.<\/li>\n<\/ol>\n<p><strong>Method 2: Using BitLocker Recovery Password Viewer Utility<\/strong><\/p>\n<p>If you&#8217;ve <a href=\"https:\/\/www.top-password.com\/blog\/install-bitlocker-recovery-password-viewer-for-active-directory\/\" target=\"_blank\" rel=\"noopener noreferrer\">enabled the BitLocker Recovery Password Viewer feature<\/a> in Active Directory, it&#8217;s pretty simple to retrieve BitLocker recovery key for any computer in AD. Follow these steps:<\/p>\n<ol>\n<li>After opening the Active Directory Users and Computers snap in, expand your domain and click the <strong>Computers<\/strong> container. Right-click on your target computer object and select <strong>Properties<\/strong>.\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.top-password.com\/blog\/wp-content\/uploads\/2019\/04\/computer-object-in-ad.png\" alt=\"\" width=\"582\" height=\"378\" class=\"alignnone size-full wp-image-14159\" \/>\n<\/li>\n<li>Go to the <strong>Bitlocker Recovery<\/strong> tab, you can view all BitLocker recovery keys that were automatically backed up to AD.\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.top-password.com\/blog\/wp-content\/uploads\/2019\/04\/ad-bitlocker-recovery-tab.png\" alt=\"\" width=\"463\" height=\"485\" class=\"alignnone size-full wp-image-14160\" \/>\n<\/li>\n<\/ol>\n<p>If you know the first 8 digits of the Password ID, here&#8217;s how to search your BitLocker recovery keys:<\/p>\n<ol>\n<li>Right-click on your domain in the left pane of Active Directory Users and Computers snap in, and then select <strong>Find BitLocker recovery password<\/strong>.\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.top-password.com\/blog\/wp-content\/uploads\/2019\/04\/find-bitlocker-recovery-password-from-ad.png\" alt=\"\" width=\"582\" height=\"482\" class=\"alignnone size-full wp-image-14161\" \/>\n<\/li>\n<li>Enter the first 8 characters of Password ID and click on <strong>Search<\/strong>.\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.top-password.com\/blog\/wp-content\/uploads\/2019\/04\/search-bitlocker-recovery-password-in-ad.png\" alt=\"\" width=\"593\" height=\"419\" class=\"alignnone size-full wp-image-14162\" \/>\n<\/li>\n<li>It will locate the matching BitLocker recovery keys that are stored in your Active Directory.<\/li>\n<\/ol>\n<p><strong>Method 3: Locate BitLocker Recovery Key in Azure AD<\/strong><\/p>\n<p>Once the BitLocker recovery key is backed up to Azure AD, users can find their own keys in the <strong>Profile<\/strong> section after signing into <a href=\"https:\/\/account.activedirectory.windowsazure.com\/profile\/\" rel=\"noopener noreferrer\" target=\"_blank\">https:\/\/account.activedirectory.windowsazure.com\/profile\/<\/a>. Administrators can log in to <a href=\"https:\/\/account.activedirectory.windowsazure.com\/n\/#\/devices\" rel=\"noopener noreferrer\" target=\"_blank\">https:\/\/account.activedirectory.windowsazure.com\/n\/#\/devices<\/a>, select the appropriate device, and click <strong>View Details<\/strong> to get the BitLocker recovery key.<\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>BitLocker is prompting for a recovery key and you lost it? Applying the GPO to store BitLocker recovery password in Active Directory is a good practice for companies when data security is a concern. In this tutorial we&#8217;ll show you different ways to find BitLocker recovery key\/password from Active Directory or Azure AD. Method 1: [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[92,1],"tags":[4185,4183,4184,4186],"class_list":["post-14147","post","type-post","status-publish","format-standard","hentry","category-active-directory-password","category-others","tag-azure-ad-bitlocker-recovery-key","tag-find-bitlocker-recovery-key-from-ad","tag-get-bitlocker-recovery-key-from-ad-powershell","tag-recover-bitlocker-recovery-key-in-ad"],"_links":{"self":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/14147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/comments?post=14147"}],"version-history":[{"count":15,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/14147\/revisions"}],"predecessor-version":[{"id":14168,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/14147\/revisions\/14168"}],"wp:attachment":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/media?parent=14147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/categories?post=14147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/tags?post=14147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}