Or, select the Start button, and then under Windows System, select Control Panel.In Control Panel, select System and Security, and then under BitLocker Drive Encryption, select Manage BitLocker. ![]() In addition to the above settings, there are many other options in Group policy that will help you when using BitLocker. In the search box on the taskbar, type Manage BitLocker and then select it from the list of results. ResultĪs you can see from the example in this publication, storing encrypted drive keys in the domain is not so difficult, and we hope that our article was helpful! To be on the safe side, only the domain administrator has the rights to see the BitLocker key, but this can be fixed by assigning rights to other domain users. The recovery key can be found using the first 8 characters (In our example 6CEF9111). If one of the users cannot log in, the administrator can find the encryption key in the domain and with this key the user can log in without any problems. The password is only the password to the key that unlocks the data on the drive. ![]() Go to the Control Panel for AD users and components, open the properties of the PC, and you will see a new tab called "BitLocker Recovery" in this tab you can see our encryption key. Bitlocker and other drive encryption is fundamentally uncrackable. Select the Do not enable BitLocker until recovery information is. ![]() ![]() To manage and configure BitLocker client computers, you need to install components on the server:Īfter installing the component, you need to restart the server. If you select Backup recovery password only, only the recovery password is stored in AD DS.
0 Comments
Leave a Reply. |