We are enabling Bitlocker in our environment. I had configured all policies related to Bitlocker inside AD. For example, i configured Bitlocker to not start until recovery key backed up to AD. This is the policy about i want to ask something.
I want to ask something about this policy because i had an issue with this policy. It seems it not working well or i am missing some point in the configuration. Let me explain what i'm doing after this configuration:
- I start Bitlocker encryption, Bitlocker encrypt correctly the Hard Disk. When encrypt finish, I can see the tab on AD called "Bitlocker Recovery", but, at the time I open this tab to request the key stored i get an information message : "There is no elements on this view, To search a recovery key press right button on object domain ... etc ... ".
My question is, i know that bitlocker can not start if key is not backed up on AD, so Bitlocker is correctly performed the encryption and the key is backed up on AD. For any reason i can not see the key, even domain admins can not see it.
So, how can i see this keys in AD? I need something more, maybe a plugin? a feature?
I'm running Windows 10 1809 Professional and Active Directory v 10.0.171321.