none
Bitlocker Recovery Password File RRS feed

  • Question

  • HI all! I am currently using MDT 2013 to deploy windows 8.1 and am using the Enable Bitlocker task sequence steps and I have GPOs configured for backing up recovery info to Active Directory. Everything appears to be working well but on a computer that has Bitlocker enabled, immediately after deployment I see that there is a text file in the root of c: that contains the Bitlocker Recovery Password. Should this be happening? Here are my BDE settings in customsettings.ini.

    BDEInstall=TPM
    BDEInstallSuppress=NO
    BDEWaitForEncryption=True
    BDEDriveLetter=Q:
    BDEDriveSize=400
    BDERecoveryKey=AD
    SkipBitLocker=YES

    Thanks!

    Wednesday, April 9, 2014 2:45 PM

Answers

  • You can set the location of this file with the BDEKeyLocation parameter in customsettings.ini. If you don't want to keep this, set the location to deployment temporary folder:

    BDEKeyLocation=C:\MININT

    • Marked as answer by Matt McNabb Thursday, April 10, 2014 4:35 PM
    Wednesday, April 9, 2014 6:16 PM

All replies

  • You can set the location of this file with the BDEKeyLocation parameter in customsettings.ini. If you don't want to keep this, set the location to deployment temporary folder:

    BDEKeyLocation=C:\MININT

    • Marked as answer by Matt McNabb Thursday, April 10, 2014 4:35 PM
    Wednesday, April 9, 2014 6:16 PM
  • Thanks this worked like a charm!
    Thursday, April 10, 2014 4:35 PM