Jump to content


Sign in to follow this  
NobleComputing

Strange Behavior on Writing Bitlocker key to AD

Recommended Posts

The writing of the Bitlocker key to AD has been working flawlessly... until we started to receiving machines with SSD drives in them. The task sequence works flawlessly with no errors. The problem is the bitocker recovery tab within AD is empty. I can run the manual way (https://blogs.technet.microsoft.com/askcore/2010/04/06/how-to-backup-recovery-information-in-ad-after-bitlocker-is-turned-on-in-windows-7/ ) and it will input the data in to ad, but I do not want to have to do this :).

 

The real strange thing is if I remove the machine from AD, and reimage it, the key properly registers itself within AD. Only on the second pass will it work?

Share this post


Link to post
Share on other sites


I had similar issues, the BDE recovery key would inconsistently be written to AD (usually not at all). You were _very close_ with the link you pasted. Yes, it has manual steps in the discussion but there is a lead-up to an automated script at the bottom, it's a link - look carefully for it below the authors' signatures: "BDEAdBackup.vbs"

 

I've tried this script by inserting it as a new command line task in my sequence toward the very bottom, after I've already enabled BitLocker. If you do it too fast there may not be key data ready to write to AD. In my case, it solved the issue.

 

I usually kick it off by running: cscript.exe %SCRIPTROOT%\Custom\BDEAdBackup.vbs

 

Original blog post with that script link is: https://blogs.technet.microsoft.com/askcore/2010/04/06/how-to-backup-recovery-information-in-ad-after-bitlocker-is-turned-on-in-windows-7/

 

Your mileage may vary. Good luck.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...