Two simple commands that let you backup the Bitlocker recovery key to AD.


Open command line as administrator, then you need to find out the GUID of the Bitlocker key with this:

manage-bde -protectors -get c:


After that just copy the long string you get and add it to this line as the -id parameter like so:

manage-bde -protectors -adbackup c: -id {DFB478E6-8B3F-4DCA-9576-C1905B49C71E}


After this the recovery key will be visible in AD:

  1. Open Active Directory Users and Computers
  2. Open Properties on the desired computer, then the BitLocker tab.
  3. The Bitlocker Recovery Password is in the details section