BitLocker Recovery Keys

ConfigMgr BitLocker Recovery Keys

The ConfigMgr BitLocker Recovery Keys tool lets you retrieve current recovery passwords stored in Configuration Manager.

To run the tool:

1. In your Configuration Manager console, right-click on a device.

2. Click Right Click Tools > Security Tools > ConfigMgr BitLocker Recovery Keys.

The ConfigMgr BitLocker Keys window that opens displays the following information:

  • Machine Name
  • Recovery Key 
  • Recovery Key ID
  • Error

3. Right-click on a Recovery Key ID and click Copy Key to Clipboard.




AD BitLocker Recovery Keys

The AD BitLocker Recovery Keys tool lets you view current recovery passwords and their detailed history.

To run the tool:

1. In your Configuration Manager console, right-click on a device.

2. Click Right Click Tools > Security Tools > AD BitLocker Recovery Keys.

The AD BitLocker Keys window that opens displays the history of the recovery password including the dates when it was created and last changed.

See also Delegate Access to BitLocker Recovery Keys in Active Directory




MBAM BitLocker Recovery Keys

The MBAM BitLocker Recovery Keys tool allows you to request new MBAM recovery keys.

To run the tool:

1. In your Configuration Manager console, right-click on a device.

2. Click Right Click Tools > Security Tools > MBAM BitLocker Recovery Keys.

3. In the MBAM Recovery Key Request window, select the reason for requesting MBAM recovery keys.

Reasons include:

  • Operating System Boot Order changed
  • BIOS changed
  • Operating System files modified
  • Lost Startup Key
  • Lost PIN
  • TPM Reset
  • Lost Passphrase
  • Lost Smartcard
  • Other

4. Click Request Key(s).

TIP: You can copy a recovery key by right-clicking on an entry and choosing Copy Key to Clipboard.




Entra ID BitLocker Recovery Keys

The Entra ID BitLocker Recovery Keys tool lets you retrieve current recovery passwords stored in Microsoft Entra ID.

To run the tool:

1. In your Configuration Manager console, right-click on a device.

2. Click Right Click Tools > Security Tools > EntraID BitLocker Recovery Keys.

The EntraID BitLocker Keys window that opens displays the following information:

  • Machine Name
  • Recovery Key 
  • Recovery Key ID
  • Date Created
  • Error

3. Right-click on a Recovery Key ID and click Copy Key to Clipboard.




Copyright © 2024 Recast Software Inc. All rights reserved.