I'm currently testing bitlocker for use in our organization, and trying to get the key backups to AD working. I've got everything setup, and with the sample vbs scripts I was able to verify that the password is stored in AD. However, I can't seem to get at that information in Active Directory Users and Computers. I've installed the RSAT package, and verified that the BitLocker Recovery Password Viewer for Active Directory feature is installed. As I understand it, When I open AD U&C, I should then have the option to right click on a container and find bitlocker keys, or to bring up the properties of a pc and view it's bitlocker info there. Unfortunately, I don't have any such options in AD U&C to view bitlocker info. What am I missing? I am running the RSAT tools on Windows 7 ultimate, on a different pc than the one bitlocker is running on.

Anybody?

Hi, I would like to share you the following article to save BitLocker information to AD. Backing Up BitLocker and TPM Recovery Information to AD DS Thanks, Novak

That is the document I used to configure backup of bitlocker info to AD. I got to the end of it, and was able to successfully view the recovery key with the "cscript Get-BitLockerRecoveryInfo.vbs" command. However, it is my understanding that with the RSAT tools (And the Bitlocker Password Recovery Viewer feature) installed on my windows 7 pc, I should now see a tab with bitlocker info in AD Users and Computers when viewing the computer's properties. This tab doesn't show up. I also understand that when I right click on an OU in AD Users and Computers, I should have a menu option to find bitlocker recovery keys. This option doesn't show up either. I have tried removing and reinstalling the bitlocker password recovery viewer feature, but that didn't help.

Did you install “BitLocker Recovery Password Viewer”? At this stage, I suggest you also refer to the following articles to troubleshoot the issue. BitLocker Recovery Password Viewer for Active Directory How to use the BitLocker Recovery Password Viewer for Active Directory Users and Computers tool to view recovery passwords Thanks, Novak

Novak -- Sorry, still don't have an answer to this. As I said in the OP, I have installed RSAT, and enabled all options for it under the 'Windows Features' panel, including the Bitlocker Password viewer. As I understand it, once that tool is enabled, Active Directory Users and Computers should show additional options, including a Bitlocker tab in the properties of a computer object. I don't see that, nor do I have the option when right clicking on an ou to Find Bitlocker Recovery Keys, as I've seen in screenshots. Also, the link you provided on 'How to use' is for the Vista version of the utility, which won't install on Win7. Thus the reason I'm using the version included in the RSAT for win7 package.

I'm having the same problem. Using Windows 7 (with the Feature installed for the Bitlocker viewer) I cannot see the recovery information through ADUC. If I install the viewer on a 2003 or 2008 DC then the fields appear. I would prefer not to have to remote to a DC to gather this information.

I have the same problem as well. I can see the information just fine using ADSIEdit, but not via ADUC that comes with RSAT for Win7. My domain is still Windows 2003...not a single Windows 2008 DC yet. Does that matter?

found it via more googling (sorry, "binging", heh!) the DC that ADUC is communicating with needs the viewer as well...then it works. Had the hardest time trying to find the viewer for the XP/2003 platform, because I don't know how you apply an MSU file to that platform, but I did find it here: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23453950.html

Figured out the problem with Windows7. You need to run the following command once per system before you launch ADUC regsvr32.exe BdeAducExt.dll

Thanks Richard, that worked!!!