10/30/2023 0 Comments Bitlocker recovery password viewer![]() ![]() You Active Directory must be running the Windows Server 2003 R2 scheme extensions. Now before we begin there are a few pre-requisites that we need to cover to make sure this work.ġ. This ensures that for any USB encrypted devices in your organisation that you will always have the ability to unlock the data on the drive even in case that someone forgets the unlock password. Using group policy you can mandate that all encrypted removable device must first have the recover key stored in Active Directory before they start to encrypt. In Part 2 I will show you how to use Group Policy with Active Directory Certificate Services to enable a Data Recovery Agent so that all your devices can be recovery using a single EFS recovery agent account. In Part 1 of this “how to” I am going to show you how to setup the recovery key archiving into Active Directory. Well there is where group policy can be your saviour…. Now for a consumer this feature this might be fine as you keep can keep the key in a fire proof safe or even a locked filing cabinet but if you are managing this in a corporate environment you might have to keep track of thousands or even ten’s of thousands of these devices to keep track of the recovery key. One of the problem with this is that if a user were to ever forget the unlock key then they will need to remember where they kept the recovery file or paper print out of the 48 digit recovery key. ![]() One of the cool new feature in Windows 7 Ultimate and Enterprise is the ability to encrypt USB devices with a password to protect the data from falling into the wrong hands. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |