E
Elizabeth Madondo
May you please assist. We have recently noted that most of our new purchased computers in my organisation have BitLocker enabled automatically when the machine is setup. Users are are not aware that they have BitLocker since BitLocker seems not to have been setup to require pin at start up but the moment the machine gets locked, it will require a recovery password which users do not have. As IT Security, we have been manually enabling BitLocker using a Group Policy and we are centrally managing or saving the recovery passwords on AD. However, for the new machines which we have not yet added on the AD BitLocker group, we are failing to assist users to retrieve their BitLocker passwords once their machines gets locked and prompt for the recovery password. On a user machine that I am currently troubleshooting, I cant find the recovery password on AD as it was not enabled through Group Policy. I also checked the recovery password under the user device on Azure AD and there is no recovery password. On the locked machine, there is also a Microsoft URL given on window prompting for BitLocker recovery password where its says you can use your school or work account to retrieve your key (aka.ms/aadrecoverykey) but unfortunately the user does not have a Microsoft account and we do not have Microsoft accounts in my company as we all use domain accounts. How best can we retrieve the recovery passwords when BitLocker was enabled automatically and the recovery password is not managed centrally.
Continue reading...
Continue reading...