deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 18:33:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Paolo Matarazzo
2023-10-12 08:28:10 -04:00
parent 425db8cdf3
commit 6137e180d8
5 changed files with 42 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
windows/security/operating-system-security/data-protection/bitlocker/recovery-guide-password-reset.md → windows/security/operating-system-security/data-protection/bitlocker/manage-recovery-passwords.md
View File

@ -1,5 +1,5 @@
---
title: Manage BitLocker recovery password
title: Manage BitLocker recovery passwords
description: Learn how to recover BitLocker keys from Microsoft Entra ID and Active Directory Domain Services (AD DS).
ms.collection:
- highpri
@ -8,7 +8,7 @@ ms.topic: how-to
ms.date: 09/29/2023
---
# Recovery password
# Manage BitLocker recovery passwords
## Reset recovery password
@ -118,3 +118,40 @@ Device name: DESKTOP-53O32QI
Key id: 045219ec-a53b-41ae-b310-08ec883aaedd
BitLocker recovery key: 158422-038236-492536-574783-256300-205084-114356-069773
```
## BitLocker Recovery Password Viewer
BitLocker Recovery Password Viewer is an optional tool included with the *Remote Server Administration Tools (RSAT)*. With Recovery Password Viewer you can view the BitLocker recovery passwords that are stored in Active Directory Domain Services (AD DS). The tool is an extension for the *Active Directory Users and Computers Microsoft Management Console (MMC)* snap-in.
With BitLocker Recovery Password Viewer you can:
- Check the Active Directory computer object's properties to find the associated BitLocker recovery passwords
- Search Active Directory for BitLocker recovery password across all the domains in the Active Directory forest. Passwords can also be searched by password identifier (ID)
## Requirements
To complete the procedures in this scenario, the following requirements must be met:
- Domain administrator credentials
- Devices must be joined to the domain
- On the domain-joined devices, BitLocker must be enabled
The following procedures describe the most common tasks performed by using the BitLocker Recovery Password Viewer.
## View the recovery passwords for a computer object
1. In **Active Directory Users and Computers**, locate and then select the container in which the computer is located
1. Right-click the computer object and select **Properties**
1. In the **Properties** dialog box, select the **BitLocker Recovery** tab to view the BitLocker recovery passwords that are associated with the computer
## Copy the recovery passwords for a computer object
1. Follow the steps in the previous procedure to view the BitLocker recovery passwords
1. On the **BitLocker Recovery** tab of the **Properties** dialog box, right-click the BitLocker recovery password that needs to be copied, and then select **Copy Details**
1. Press <kbd>CTRL</kbd>+<kbd>V</kbd> to paste the copied text to a destination location, such as a text file or spreadsheet
## Locate a recovery password by using a password ID
1. In Active Directory Users and Computers, right-click the domain container and select **Find BitLocker Recovery Password**
1. In the **Find BitLocker Recovery Password** dialog box, type the first eight characters of the recovery password in the **Password ID (first 8 characters)** box, and select **Search**
1. Once the recovery password is located, you can use the previous procedure to copy it

1
windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md
View File

@ -431,7 +431,6 @@ BackupToAAD-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $BLV.KeyProte
---
### Backup a recovery password to Active Directory
#### [:::image type="icon" source="images/powershell.svg"::: **PowerShell**](#tab/powershell)

46
windows/security/operating-system-security/data-protection/bitlocker/recovery-password-viewer.md
View File

@ -1,46 +0,0 @@
---
title: How to use BitLocker Recovery Password Viewer
description: Learn how to use the BitLocker Recovery Password Viewer tool.
ms.collection:
- tier1
ms.topic: how-to
ms.date: 07/25/2023
---
# How to use BitLocker Recovery Password Viewer
BitLocker Recovery Password Viewer is an optional tool included with the *Remote Server Administration Tools (RSAT)*. With Recovery Password Viewer you can view the BitLocker recovery passwords that are stored in Active Directory Domain Services (AD DS). The tool is an extension for the *Active Directory Users and Computers Microsoft Management Console (MMC)* snap-in.
With BitLocker Recovery Password Viewer you can:
- Check the Active Directory computer object's properties to find the associated BitLocker recovery passwords
- Search Active Directory for BitLocker recovery password across all the domains in the Active Directory forest. Passwords can also be searched by password identifier (ID)
## Requirements
To complete the procedures in this scenario, the following requirements must be met:
- Domain administrator credentials
- Devices must be joined to the domain
- On the domain-joined devices, BitLocker must be enabled
The following procedures describe the most common tasks performed by using the BitLocker Recovery Password Viewer.
## View the recovery passwords for a computer object
1. In **Active Directory Users and Computers**, locate and then select the container in which the computer is located
1. Right-click the computer object and select **Properties**
1. In the **Properties** dialog box, select the **BitLocker Recovery** tab to view the BitLocker recovery passwords that are associated with the computer
## Copy the recovery passwords for a computer object
1. Follow the steps in the previous procedure to view the BitLocker recovery passwords
1. On the **BitLocker Recovery** tab of the **Properties** dialog box, right-click the BitLocker recovery password that needs to be copied, and then select **Copy Details**
1. Press <kbd>CTRL</kbd>+<kbd>V</kbd> to paste the copied text to a destination location, such as a text file or spreadsheet
## Locate a recovery password by using a password ID
1. In Active Directory Users and Computers, right-click the domain container and select **Find BitLocker Recovery Password**
1. In the **Find BitLocker Recovery Password** dialog box, type the first eight characters of the recovery password in the **Password ID (first 8 characters)** box, and select **Search**
1. Once the recovery password is located, you can use the previous procedure to copy it

4
windows/security/operating-system-security/data-protection/bitlocker/toc.yml
View File

@ -27,10 +27,8 @@ items:
href: preboot-recovery-screen.md
- name: BitLocker repair tool
href: recovery-guide-repair-tool.md
- name: BitLocker password reset
- name: Manage BitLocker recovery passwords
href: recovery-guide-password-reset.md
- name: BitLocker Recovery Password Viewer
href: recovery-password-viewer.md
- name: Reference
items:
- name: BitLocker policy settings