manage-bde -protectors -adbackup c: -id existing-protector-GUID Or, back up all protectors for C: drive:
# Import the required module Import-Module BitLocker Get-BitLockerRecoveryKey -MountPoint "C:" -ComputerName "PC-USER01" get bitlocker recovery key from ad
Introduction When BitLocker Drive Encryption is deployed in a managed enterprise environment, Group Policy can be configured to automatically store the recovery password (and key package) in Active Directory. This is a critical disaster recovery measure: if a user forgets their PIN, loses their smart card, experiences a TPM malfunction, or moves a drive to another computer, the recovery key is required to unlock the encrypted volume. loses their smart card
# On the BitLocker-protected machine, retrieve the recovery key protector's ID manage-bde -protectors -get c: manage-bde -protectors -adbackup c: -id GUID-from-protector-list experiences a TPM malfunction