
Ankur_Bagga
Copper Contributor
Mar 12, 2020
Solved

Is there a way to sync BitLocker recovery keys from on-prem AD to AAD via the AAD Connect server?



9 Replies

  •
    ebwilson
    Copper Contributor

    Ankur_Bagga

    This solution did it for me: https://blog.mindcore.dk/2023/11/how-to-migrate-bitlocker-keys-from-all-fixed-drives-to-microsoft-entra-id/

    Fixed all my BitLocker AAD Intune issues.

  •
    Moe_Kinani
    Bronze Contributor
    Not possible using ADConnect.

    If you have Hybrid Join PCs, you can use Intune Config Profiles or Security Baseline to save the recovery key in AAD.

    Hope it helps!
    Moe
    •
      Junshah
      Copper Contributor
      Hi Moe,
      Is there any guide to create that specific config profile?
      •
        Moe_Kinani
        Bronze Contributor
        Hi Junshah,

        If your hybrid devices are already encrypted, use the URL below:

        https://campbell.scot/store-bitlocker-recovery-keys-in-azure-ad-for-devices-already-encrypted/

        If not encrypted, use this setting to encrypt and back up the keys in Azure AD:
        https://learn.microsoft.com/en-us/answers/questions/774898/on-prem-joined-domain-pcs-does-not-have-option-to.html
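
For the "already encrypted" case Moe describes, this is an added example (not code from the thread or from the linked posts) of escrowing the existing recovery passwords of every encrypted fixed drive to Microsoft Entra ID with the built-in BitLocker cmdlets. It assumes an elevated session on a hybrid-joined or Entra-joined Windows 10/11 device with a network path to Entra; the drive filtering and messages are my own.

```powershell
#Requires -RunAsAdministrator
# Added example, not from this thread or the linked posts.
# Escrows the BitLocker recovery password of each encrypted fixed drive to
# Microsoft Entra ID (Azure AD). Assumes an elevated session on a device that is
# hybrid joined or Entra joined, with the BitLocker PowerShell module available.

$fixedDrives = Get-Volume |
    Where-Object { $_.DriveType -eq 'Fixed' -and $_.DriveLetter } |
    ForEach-Object { "$($_.DriveLetter):" }

foreach ($mount in $fixedDrives) {
    $vol = Get-BitLockerVolume -MountPoint $mount -ErrorAction SilentlyContinue
    if (-not $vol -or $vol.VolumeStatus -eq 'FullyDecrypted') {
        Write-Host "$mount : not BitLocker-protected, nothing to escrow"
        continue
    }

    # Entra ID stores the numerical recovery password protector; a volume that
    # only has TPM or external-key protectors gets one added first.
    $rp = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
    if (-not $rp) {
        Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector | Out-Null
        $rp = (Get-BitLockerVolume -MountPoint $mount).KeyProtector |
              Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
    }

    foreach ($p in $rp) {
        try {
            # Sends the protector to the tenant the device is joined/registered to.
            BackupToAAD-BitLockerKeyProtector -MountPoint $mount `
                -KeyProtectorId $p.KeyProtectorId -ErrorAction Stop | Out-Null
            Write-Host "$mount : escrowed protector $($p.KeyProtectorId) to Entra ID"
        } catch {
            # Typical causes: device not joined/registered, or no connectivity to Entra.
            Write-Warning "$mount : backup failed for $($p.KeyProtectorId): $($_.Exception.Message)"
        }
    }
}
```

After it runs, the recovery keys should appear under the device object in the Entra admin center, which is the place to verify escrow before relying on it.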
