Get BitLocker recovery keys using PowerShell

The following is a comparison between obtaining BitLocker recovery keys with Windows PowerShell and with ADManager Plus:

Windows PowerShell

Steps to get BitLocker recovery keys using PowerShell:

  • Identify the domain for which you want to retrieve the report.
  • Identify the LDAP attributes you need to fetch the report.
  • Identify the primary DC to retrieve the report.
  • Compile the script.
  • Execute it in Windows PowerShell.
  • The information will be displayed as a report.

To obtain the report in a different format, modify the script according to the needs of the user.

Sample PowerShell script:

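# List the recovery password for each BitLocker volume on the local computer.
# Run from an elevated PowerShell session.
$BitLockerVolumes = Get-BitLockerVolume
$BitLockerVolumes |
    ForEach-Object {
        $MountPoint = $_.MountPoint
        # Keep only recovery-password protectors; TPM and other protector types have none.
        $RecoveryKeys = $_.KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
        foreach ($Key in $RecoveryKeys) {
            Write-Output "The drive $MountPoint has a recovery key $($Key.RecoveryPassword)."
        }
    }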
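
The sample script above reads protectors from the local machine with Get-BitLockerVolume. The steps that mention a domain, LDAP attributes and a DC correspond to reading keys that were backed up to Active Directory, which the following added example shows (it is not part of the original page or of ADManager Plus). It assumes key backup to AD is enabled and the ActiveDirectory module is installed; the server and OU names are placeholders.

```powershell
# Added example: report BitLocker recovery information escrowed in Active Directory.
# Needs the ActiveDirectory module (RSAT) and read access to msFVE-RecoveryInformation
# objects, which by default is limited to Domain Admins or a delegated group.
Import-Module ActiveDirectory

# Placeholder values (assumptions): replace with your own DC and OU.
$Server     = 'dc01.example.com'
$SearchBase = 'OU=Workstations,DC=example,DC=com'

$report = foreach ($computer in Get-ADComputer -Filter * -SearchBase $SearchBase -Server $Server) {
    # Recovery information is stored as child objects of the computer object.
    $params = @{
        Filter     = "objectClass -eq 'msFVE-RecoveryInformation'"
        SearchBase = $computer.DistinguishedName
        Properties = 'msFVE-RecoveryPassword', 'whenCreated'
        Server     = $Server
    }
    $keys = @(Get-ADObject @params)

    if ($keys.Count -eq 0) {
        # No escrowed key: emit an empty row so the gap shows up in the report.
        [pscustomobject]@{
            Computer = $computer.Name; KeyId = $null; Escrowed = $null; RecoveryPassword = $null
        }
        continue
    }

    foreach ($key in $keys) {
        # The object name has the form <timestamp>{<recovery key GUID>}.
        $keyId = if ($key.Name -match '\{([0-9A-Fa-f-]{36})\}') { $Matches[1] } else { $null }
        [pscustomobject]@{
            Computer         = $computer.Name
            KeyId            = $keyId
            Escrowed         = $key.whenCreated
            RecoveryPassword = $key.'msFVE-RecoveryPassword'
        }
    }
}

# Show escrow status on screen without printing the passwords themselves.
$report | Sort-Object Computer, Escrowed | Format-Table Computer, KeyId, Escrowed -AutoSize

# Export only when needed, to a location restricted to recovery operators.
# $report | Export-Csv -Path .\bitlocker-keys.csv -NoTypeInformation
```

Rows with an empty KeyId are computers with no recovery key in AD. A computer can have several rows, because each key rotation adds a new msFVE-RecoveryInformation object.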

ADManager Plus

Steps to get the BitLocker recovery keys report:

  • Select Reports -> Computer Reports -> Bitlocker Recovery Keys
  • Select the domain and OU, and click Generate.

[Screenshot: Get BitLocker recovery keys using ADManager Plus]


Limitations:

  • We can run this script only from computers that have the Active Directory Domain Services role.
  • Making even minor modifications to a script, such as adding additional attributes to the reports, requires it to be modified and executed again, which is time-consuming.
  • For each format type, the script has to be modified accordingly to export in that format, leading to increased LDAP query complexity in the script.
  • Troubleshooting these scripts requires extensive AD and scripting expertise.

ADManager Plus will retrieve details of BitLocker recovery keys in any desired format in a simple and intuitively designed UI.

Out-of-the-box BitLocker recovery key reports that can be exported and scheduled.

