Merge pull request #12033 from windows1011/patch-1

Update choose-how-bitlocker-protected-fixed-drives-can-be-recovered.md
2025-05-12 05:17:22 +00:00 · 2025-04-24 10:21:48 -04:00 · 2025-04-24 10:21:48 -04:00 · a2ee97cff2
commit a2ee97cff2
parent 95bf9b8b53 61c56ab0fb
1 changed files with 4 additions and 0 deletions
--- a/windows/security/operating-system-security/data-protection/bitlocker/includes/choose-how-bitlocker-protected-fixed-drives-can-be-recovered.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/includes/choose-how-bitlocker-protected-fixed-drives-can-be-recovered.md
@ -15,6 +15,10 @@ This policy setting allows you to control how BitLocker-protected fixed data dri
 - **Save BitLocker recovery information to Active Directory Domain Services**: choose which BitLocker recovery information to store in AD DS for fixed data drives. If you select **Backup recovery password and key package**, both the BitLocker recovery password and key package are stored in AD DS. Storing the key package supports recovering data from a drive that has been physically corrupted. If you select **Backup recovery password only**, only the recovery password is stored in AD DS
 - **Do not enable BitLocker until recovery information is stored in AD DS for fixed data drives**: prevents users from enabling BitLocker unless the device is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. When using this option, a recovery password is automatically generated.

+For Microsoft Entra hybrid joined devices, the BitLocker recovery password is backed up to both Active Directory and Entra ID.
+
+For Microsoft Entra joined devices, the BitLocker recovery password is backed up to Entra ID.
+  
 > [!IMPORTANT]
 > The use of recovery keys must be disallowed if the **Deny write access to fixed drives not protected by BitLocker** policy setting is enabled.