Hi All,

A colleague recently asked me about a problem they were having, whereby the ‘Bitlocker Recovery’ tab in the properties of all Computer accounts was missing in Active Directory Users and Computers and therefore they could not obtain a Bitlocker recovery key when using a particular domain controller.

This tab actually requires an additional feature installation, as it does not get installed automatically with Active Directory or the AD snap-ins – so in particular you may notice this on recent built domain controllers that haven’t had the feature installed yet.

Server Manager

To install the feature in Server Manager, run the ‘Add Roles and Features Wizard’, on the features stage go to Remote Server Administration Tools > Bitlocker Driver Encryption Utility, check the box next to ‘Bitlocker Recovery password viewer’ and complete the wizard.

Untitled

PowerShell

To install the feature using PowerShell, run the following following command in an administrative PowerShell window.

Install-WindowsFeature RSAT-Feature-Tools-BitLocker-BdeAducExt

Hope this helps !

About the author