BitLocker encryption for remote machines

VickVega · ‎Jan 08 2020

Hello,

We have created a SCCM-related Task Sequence to encrypt laptops.
As long as machine is constantly connected to the network, the GPO that dictates to save the Recovery Key to AD is properly working.
We see issues when machine disconnected from the network, (no VPN to the domain environment) is executing encryption.
Encryption properly works and disk gets encrypted, however even after manually executing the following command:

manage-bde -protectors -adbackup c: -id {xxx}

to push the key to AD (after establishing VPN connectivity to the domain) it is NOT getting populated in the corresponding "BitLocker Recovery" tab.

The result of the command is the usual:

Recovery information was successfully backed up to Active Directory.

Is there any way to troubleshoot this issue?

Thank you.

a-ron13 · ‎May 20 2020

@VickVegaHey, I just wanted to say that I'm seeing the exact same thing and this is the only post I've found online for it.

Other than it being able to encrypt with the GPO applied that states "Require AD DS....", like you said, I can run "Manage-bde -protectors -adbackup C: -id {xxxx-xxxx-xxxx-xxxx)" with NO VPN and it will come back with "Recovery Information Successfully Backed Up To Active Directory"

This is going to be a nightmare for rolling out encryption in a WFH scenario.

Clearly a bug.

VickVega · ‎Aug 02 2020

@a-ron13
Sorry for the late reply.
Completely agree, something that should have been thought of.

Markmani2 · ‎Sep 29 2020

@VickVega

Its clearly a nightmare to roll out Bitlocker when users are not constantly on VPN. I know MS would recommend to go for Intune.

BitLocker encryption for remote machines

BitLocker encryption for remote machines

Re: BitLocker encryption for remote machines

Re: BitLocker encryption for remote machines

Re: BitLocker encryption for remote machines

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

BitLocker encryption for remote machines