Key recovery using Active Directory Users and Computers
Any Windows computer that is already joined to the domain, and then enables BitLocker will have it's recovery key stored in Active Directory. To view the recovery key simply view the properties of the computer object in ADUC and click the BitLocker Recovery tab.
ADUC is available by installing the RSAT (Remote Server Administration Tools) from Microsoft or by log into Citrix at https://citrixapps.mit.edu/. You'll find the AD Users and Computers under Endpoints Admin Tools.
BitLocker Recovery Key Permissions Please note that you will only have access to view Recovery Keys for computers that you have permissions to within your OU |