PowerShell: Find Bitlocker Recovery keys in AD


This is a simple PowerShell script that will help you find BitLocker recovery keys in AD.

The PowerShell script below is built to find BitLocker recovery keys for multiple machines in a list. Simply create a .txt file with one PC name on each line and save it. Change the path (line 2) in the script to your desired location. The script is now ready to find BitLocker recovery keys.

# List of computers to check in a TXT file
$computers = Get-Content C:\temp\pc-bitlocker-check.txt
# The AD cmdlets below come from the ActiveDirectory module (RSAT)
Import-Module ActiveDirectory
# Check each line in the $computers variable and assign it to $computerName
foreach ($computerName in $computers)
{
    # Get computer information from AD
    $computer = Get-ADComputer $computerName
    # Write the computer name to the console before the BitLocker recovery keys are shown
    Write-Host "$computerName"
    # Get BitLocker recovery keys with Get-ADObject, newest first
    Get-ADObject -Filter 'objectClass -eq "msFVE-RecoveryInformation"' -SearchBase $computer.DistinguishedName -Properties whenCreated, msFVE-RecoveryPassword |
        Sort-Object whenCreated -Descending | Select-Object whenCreated, msFVE-RecoveryPassword
}
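
A companion check, added here as an example and not part of the original script: it reads the same list and reports which machines have a recovery key escrowed in AD, without ever requesting or printing the recovery password. It assumes the same input file path as above, the ActiveDirectory module, and an account allowed to see the recovery objects; the `Status` labels are made up for this example.

```powershell
# Added example: audit BitLocker key escrow without reading recovery passwords.
# Assumes the ActiveDirectory module (RSAT) and the input file used above.
Import-Module ActiveDirectory

# Skip blank lines in the list
$computers = Get-Content C:\temp\pc-bitlocker-check.txt | Where-Object { $_.Trim() }

$report = foreach ($computerName in $computers) {
    # Start each row as "not found" and fill it in as lookups succeed
    $row = [ordered]@{
        Computer = $computerName.Trim(); Status = 'NotInAD'
        KeyCount = 0; NewestKey = $null; NewestKeyId = $null
    }
    try {
        $computer = Get-ADComputer -Identity $row.Computer -ErrorAction Stop
    }
    catch {
        # Typo in the list, or the computer object was deleted or renamed
        [pscustomobject]$row
        continue
    }

    # Only whenCreated is requested; msFVE-RecoveryPassword is never loaded
    $keys = @(Get-ADObject -Filter 'objectClass -eq "msFVE-RecoveryInformation"' `
                  -SearchBase $computer.DistinguishedName -Properties whenCreated |
              Sort-Object whenCreated -Descending)

    if ($keys.Count -eq 0) {
        # Also the result when the account lacks rights to see the objects
        $row.Status = 'NoKeyEscrowed'
    }
    else {
        $row.Status    = 'Escrowed'
        $row.KeyCount  = $keys.Count
        $row.NewestKey = $keys[0].whenCreated
        # The object name has the form <timestamp>{<key protector GUID>}
        if ($keys[0].Name -match '\{([0-9A-Fa-f-]{36})\}') { $row.NewestKeyId = $Matches[1] }
    }
    [pscustomobject]$row
}

$report | Sort-Object Status, Computer | Format-Table -AutoSize
```

The `NewestKeyId` value can be compared with the recovery key ID shown on a machine's BitLocker recovery screen, so the password itself only needs to be looked up for the one matching key.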

Enjoy 🙂
