BitLocker to Go & Save the Recovery key in Active Directory

Before you start wit Bitlocker to Go your domain controllers must be 2008 R2. You must upgrade your Schema.

After done that I made a group policy named Bitlocker to Go.
You can find the Bitlocker Policy under: Computer Configuration | Policies | Administrative Templates: Policy Definitions | Windows Components | BitLocker Drive Encryption | Removable Data Drives.

I enabled the following policies:

Choose How BitLocker Removable Drives Can Be Recovered


At first you must select the Allow Data Recovery Agent option. This option should be selected by default, but since this option is what makes the entire key recovery process possible, it is important to verify that the option is enabled.

Next, you will enable the Omit Recovery Option From The BitLocker Setup Wizard option. This prevents users from saving or printing their own copies of the recovery key.

Next, you will have to select the Save BitLocker Recovery Information to AD DS for Removable Data Drives. This is the option that actually saves the BitLocker recovery keys to the Active Directory.

Finally, you should select the Do Not Enable BitLocker Until Recovery Information Is Stored To AD DS For Removable Data Drives option. This option forces Windows to confirm that the recovery has been written to the Active Directory before BitLocker is allowed to encrypt the drive. That way, you do not have to worry about a power failure wiping out the recovery key half way through the encryption process.

Windows XP SP2 & SP3 can only read the bitlocker usb stick.

MDT HP,Lenovo,Dell tools for getting the right drivers for a specific model

When you search a driver for a specific model you always go to the HP, Dell, Lenovo, Dell site and  then you go to download section and chose the model of your pc/laptop and os version and download the drivers.

The Are some handy tools for you:

Dell Tool:
Dell makes drivers driver CABs which incluse all your drivers for your model and OS.

HP Tool:
HP SoftPaq Download Manager provides a simple, powerful way to download software updates for the HP client PC models in your environment. HP SDM can significantly reduce the amount of time it takes to locate and download updates. SoftPaqs can be downloaded in as few as three easy steps from a single user interface after initial setup.


Lenovo Tool:
ThinkVantage Update Retriever enables you to download update packages from the Lenovo Help Center Web site to a network share repository folder.
This is a search tool. You give the model nummer en os and Update Retriever and scan the Lenovo Help Center Web site for the latest driver

Translate »