BitLocker – Josh's IT-Blog

recover deleted Bitlocker Recovery Informations

17. July 201317. July 2013 by Burkard Josh

Today I had a request from a first-level-admin which need the Bitlocker Recovery Password for a already deleted computer object. Here is what I came up with:

$compname = "ComputerName"
$SearchRoot = "CN=Deleted Objects,DC=domain,DC=local"

$recoverykeys = Get-QADObject -Tombstone -Recycled -Type "msFVE-RecoveryInformation" -SizeLimit 0 -Includedproperties msFVE-RecoveryPassword -SearchRoot $SearchRoot | ? {$_.lastknownparent -like "*$compname*"} | select msFVE-RecoveryPassword

$recoverykeys

$compname = "ComputerName"

$SearchRoot = "CN=Deleted Objects,DC=domain,DC=local"

$recoverykeys = Get-QADObject -Tombstone -Recycled -Type "msFVE-RecoveryInformation" -SizeLimit 0 -Includedproperties msFVE-RecoveryPassword -SearchRoot $SearchRoot | ? {$_.lastknownparent -like "*$compname*"} | select msFVE-RecoveryPassword

$recoverykeys

Please note that you need to be a Domain Admin (or equivalent) to be able to read the Deleted Objects Container. The tombstones will have a lifetime, after their expiration, you can’t access anymore to the recovery passwords.

BitLocker in a enterprise environment

16. May 201114. April 2011 by Burkard Josh

Each System-Administrator knows the problem. Every day a users loses his Notebook or his mobile device. The financial loss is one thing, but lose the the datas and the control who has access to this datas is a disaster for a lot of companies.

To secure your datas from loss some developers created solutions to backup your datas. Another important point is to encrypt your datas in a secure way, so that no one outside your organisation can access your sensitive datas.

The following things should be noted: read more

Share this:

Share this: