Get BitLocker Recovery Key From Active Directory
Navigate to the Organizational Unit (OU) where the computer resides. Right-click the computer object and select Properties, then click the BitLocker Recovery tab.

Run this from a Domain Controller or RSAT-enabled machine:

    $computer = Read-Host "Enter computer name"
    try {
        # Recovery information is stored in child objects of the computer object
        $dn = (Get-ADComputer $computer -ErrorAction Stop).DistinguishedName
        $key = (Get-ADObject -Filter "objectClass -eq 'msFVE-RecoveryInformation'" -SearchBase $dn -Properties msFVE-RecoveryPassword).'msFVE-RecoveryPassword'
        # A missing recovery object returns nothing rather than an error, so raise one for the catch block
        if (-not $key) { throw "No recovery key stored for $computer" }
        Write-Host "BitLocker Recovery Key for $computer : $key" -ForegroundColor Green
    }
    catch {
        Write-Host "Computer not found or no key stored in AD." -ForegroundColor Red
    }

Type the 48 digits carefully. One wrong digit locks you out for another hour.

    # Sample key ID; each recovery object's Name contains its recovery GUID
    $keyID = "6B6B6B6B"
    Get-ADObject -Filter "objectClass -eq 'msFVE-RecoveryInformation'" -SearchBase "OU=Workstations,DC=domain,DC=com" -Properties msFVE-RecoveryPassword,msFVE-RecoveryGuid |
        Where-Object { $_.Name -match $keyID } |
        Select-Object msFVE-RecoveryPassword