BitLocker with Active Directory RRS feed

  • Question

  • Hello,

    I am trying to setup Bitlocker where I can view the recovery key in Active Directory. I have made sure the delegation rights are setup with the self account on the OU that the machine resides, and I have followed the group policy documentation online that is applying to the client. The problem I am finding is that when I go to the client to turn on Bitlocker, it is telling me that I need to insert a USB key. I don't want to insert a USB key, and just want my recovery key stored in AD associated to the computer account.

    I have placed a screenshot below of when I am seeing. 

    What can I do to just have the drive start encrypting without a password, without a pin and without a USB key. Just storing the recovery key in the AD with the computer object?



    Wednesday, November 28, 2018 4:07 AM

All replies