Category Archives: MassDeploy BitLocker Drive Encryption

Encrypt the OS drive and back up all recovery keys to Active Directory

New: MassDeploy BitLocker Drive Encryption

MassDeploy BitLocker Drive Encryption
Encrypt the OS drive and back up all recovery keys to Active Directory

  • Check if this is a BitLocker-capable OS
  • Check if a TPM chip is available
  • Check if we can back up recovery keys
  • Take ownership of the TPM by setting an owner password, only for Windows 7/2008R2 and Vista/2008
  • Check for existing numerical password protectors
  • Add a numerical password protector, if one does not exist
  • Back up all recovery keys to AD
  • Turn on BitLocker and begin drive encryption
  • Display a detailed success or failure message, except in silent mode

Continue reading New: MassDeploy BitLocker Drive Encryption