Searching for BitLocker recovery information in RMAD backups

Recently we received multiple questions about how to use RMAD to search for BitLocker recovery information in an AD backup, so I decided to write about this.

More details about BitLocker objects can be found on TechNet: https://technet.microsoft.com/en-us/library/dd875529(v=ws.10).aspx

 

To find the BitLocker object for a specific computer, launch the Online Recovery Wizard in RMAD, switch to the Advanced tab and add a search condition (as in the screenshot below): Common-Name Contains RecoveryGUID value.

 

ms-FVE-RecoveryGuid contains the GUID associated with a BitLocker recovery password. When in BitLocker's operating system drive recovery mode and when attempting to recover a data drive from within the operating system, this GUID is displayed to the user so that the correct recovery password can be located to unlock the drive. This GUID is also included in the name of the recovery object.

 

Then double-click the found object and check the value of FVE-RecoveryPassword (as in the screenshot below).
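The PowerShell below is an added example, not part of the original post and not RMAD code. It shows what the Common-Name match relies on: it extracts the GUID from recovery object names, matches it against the key ID given by the user, and prints the binary form of the same GUID as held in ms-FVE-RecoveryGuid. The function names and sample object names are made up for illustration; the `<timestamp>{<GUID>}` name layout and the 8-character short key ID are assumptions of the example.

```powershell
# Added example. Object names are constructed sample data; the first and
# third deliberately share the same first 8 GUID characters.
$sampleNames = @(
    '2019-03-05T14:02:11-08:00{063EA4E1-220C-4293-BA01-4754620A96E7}',
    '2021-06-14T08:30:00+01:00{7C9E6679-7425-40DE-944B-E07FC1F90AE7}',
    '2021-09-02T16:45:10+01:00{063EA4E1-9F3B-4D1A-8C22-1B5E6A7D8F90}'
)

# Pull the GUID out of a recovery object name ("<timestamp>{<GUID>}").
function Get-RecoveryGuidFromName {
    param([Parameter(Mandatory)][string]$Name)
    $pattern = '\{([0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}\s*$'
    if ($Name -match $pattern) { return [guid]($Matches[1]) }
    return $null   # not a recovery object name
}

# Return the names whose GUID equals, or starts with, the key ID from the user.
function Find-RecoveryObjectName {
    param(
        [Parameter(Mandatory)][string]$KeyId,
        [Parameter(Mandatory)][string[]]$Names
    )
    $needle = $KeyId.Trim().Trim('{}').ToUpperInvariant()
    # Accept a full GUID or its first 8 hex characters only; a shorter fragment
    # could also match digits in the timestamp part of the name.
    if ($needle -notmatch '^[0-9A-F]{8}((-[0-9A-F]{4}){3}-[0-9A-F]{12})?$') {
        throw "Key ID '$KeyId' is neither a GUID nor its first 8 hex characters."
    }
    foreach ($candidate in $Names) {
        $guid = Get-RecoveryGuidFromName -Name $candidate
        if ($null -ne $guid -and $guid.ToString().ToUpperInvariant().StartsWith($needle)) {
            $candidate
        }
    }
}

# Binary form of the same GUID as stored in ms-FVE-RecoveryGuid, written as an
# escaped LDAP filter value (the first three GUID fields are little-endian).
function ConvertTo-RecoveryGuidFilter {
    param([Parameter(Mandatory)][guid]$Guid)
    $escaped = ($Guid.ToByteArray() | ForEach-Object { '\{0:X2}' -f $_ }) -join ''
    "(msFVE-RecoveryGuid=$escaped)"
}

Find-RecoveryObjectName -KeyId '063EA4E1' -Names $sampleNames
$hit = Find-RecoveryObjectName -KeyId '{063ea4e1-220c-4293-ba01-4754620a96e7}' -Names $sampleNames
ConvertTo-RecoveryGuidFilter -Guid (Get-RecoveryGuidFromName -Name $hit)
```

When a short key ID returns more than one object, compare the full GUID shown on the recovery screen before reading out a recovery password.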

 

Anonymous