But all the computers that need the recovery key are stored in active directory's default "Computers" directory, which does not allow for a GPO to be linked, so I linked the GPO to a security group with all the computers in it rather than an OU. So some of my computers in my "Computers" directory have the bitlocker keys while some do not.įinally, I have just linked it to beyond my test environment into my domain to see if it would make a difference. I saved the bitlocker recovery keys in AD DS for some computers a few months ago and it worked. Store recovery passwords and key packagesĪdditionally, I'm not sure if this is the reason it is failing, I am trying to do this a second time. Checked "Save bitlokcer recovery information to AD DS for operating system drives"ĭ. "Do not allow 48-digit recovery password"Ĭ. Delegated it to multiple computers in the test environmentĮnabled "Store bitlocker recovery information in ADDS"Įnabled "Choose drive encryption and cipher strength" for allĮnabled "Require additional authentication at startup"Įnabled "Enforce drive encryption type on operating system drives"Įnabled "Choose how bitlocker-protected operating system drives canĪ.I have followed all instructions online to get this to work. I am working in active directory and group policy and need to store the bitlocker recovery keys in the bitlocker tab. I have been working on this all last week and this week and have made no progress.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |