BitLocker Recovery Password Backup
Applies To: Windows Server 2008
Recovery information for Windows BitLocker Drive Encryption (BitLocker) can be automatically backed up to Active Directory Domain Services (AD DS). Recovery information for BitLocker includes the recovery password for each BitLocker-enabled volume, and the information required to identify which computers and volumes the recovery information applies to.
You can also configure systems to back up a binary package containing the actual keying information in an encrypted form. Recovery information is not backed up by default, but administrators can configure backup by using Group Policy settings. For more information, see "Configuring Active Directory to Back up Windows BitLocker Drive Encryption and Trusted Platform Module Recovery Information" (https://go.microsoft.com/fwlink/?LinkID=67438).
Events
Event ID | Source | Message |
---|---|---|
 | Microsoft-Windows-BitLocker-API | BitLocker Drive Encryption recovery information was backed up successfully to Active Directory Domain Services. Protector GUID: %1 Volume GUID: %2 |
 | Microsoft-Windows-BitLocker-API | Failed to backup BitLocker Drive Encryption recovery information to Active Directory Domain Services. Errorcode: %2 Protector GUID: %1 Volume GUID: %3 |
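
The following is an added example, not part of the original documentation: it parses rendered event messages that follow the two templates above and reports key protectors whose most recent backup attempt to AD DS failed, meaning no recovery password is escrowed for them. It assumes the messages were exported as text in chronological order; the function names, GUIDs and error code are constructed for illustration.

```python
import re

# Patterns follow the two message templates in the table above, with
# %1/%2/%3 replaced by the values Windows substitutes at log time.
GUID = r"\{?[0-9A-Fa-f-]{36}\}?"
SUCCESS = re.compile(
    r"recovery information was backed up successfully to Active Directory "
    rf"Domain Services\.\s*Protector GUID:\s*(?P<protector>{GUID})\s*"
    rf"Volume GUID:\s*(?P<volume>{GUID})")
FAILURE = re.compile(
    r"Failed to backup BitLocker Drive Encryption recovery information to "
    r"Active Directory Domain Services\.\s*Errorcode:\s*(?P<error>\S+)\s*"
    rf"Protector GUID:\s*(?P<protector>{GUID})\s*"
    rf"Volume GUID:\s*(?P<volume>{GUID})")


def _key(match):
    """Normalise GUIDs so braces and letter case do not split one protector."""
    def norm(guid):
        return guid.strip("{}").lower()
    return (norm(match.group("volume")), norm(match.group("protector")))


def unescrowed_protectors(messages):
    """Return {(volume, protector): last_error} for every protector whose
    latest backup attempt failed. A later success clears earlier failures."""
    state = {}
    for msg in messages:
        ok = SUCCESS.search(msg)
        bad = FAILURE.search(msg)
        if ok:
            state[_key(ok)] = None
        elif bad:
            state[_key(bad)] = bad.group("error")
    return {key: err for key, err in state.items() if err is not None}


# Constructed sample data: GUIDs and the error code are made up.
VOL_A, VOL_B = "{AAAAAAAA-0000-0000-0000-000000000001}", "{BBBBBBBB-0000-0000-0000-000000000002}"
PROT_1, PROT_2 = "{11111111-1111-1111-1111-111111111111}", "{22222222-2222-2222-2222-222222222222}"
OK_FMT = ("BitLocker Drive Encryption recovery information was backed up successfully "
          "to Active Directory Domain Services. Protector GUID: %s Volume GUID: %s")
FAIL_FMT = ("Failed to backup BitLocker Drive Encryption recovery information to Active "
            "Directory Domain Services. Errorcode: %s Protector GUID: %s Volume GUID: %s")
SAMPLE = [
    FAIL_FMT % ("0x80070001", PROT_1, VOL_A),  # transient failure ...
    OK_FMT % (PROT_1, VOL_A),                  # ... later retried successfully
    FAIL_FMT % ("0x80070001", PROT_2, VOL_B),  # never succeeded: must be reported
    "Unrelated event text that matches neither template.",
]
```
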