Active Directory BitLocker Recovery Keys Audit

Find Active Directory BitLocker Recovery Keys

Lansweeper hooks directly into Active Directory to scan detailed information for both AD users and AD computers. One of the items retrieved from active directory is the BitLocker recovery key. BitLocker encrypts disk volumes to protect the data on them from being accessed in an offline mode. To access the drive again, the BitLocker recovery key is required.

This audit lists all of the AD computers with their BitLocker recovery keys scanned from the AD computer object. This way you have all of the information at your fingertips and there is no longer a need to dive into your active directory every time you need some information or a recovery key.

Bitlocker recovery key

Active Directory Bitlocker Recovery Keys Query

Select Top 1000000 Case
    When Coalesce(tblAssets.OScode, '') = '' And tblAssets.Assettype = -1 Then
      'notscanned.png'
    When tblAssets.Assettype = -1 Then tsysOS.Image
    Else tsysAssetTypes.AssetTypeIcon10
  End As icon,
  tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblADComputers.IsEnabled As Enabled,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.OScode + '.' + tblAssets.BuildNumber As Build,
  tblAssets.Version As [OS Version],
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblAssetCustom.Location,
  tsysIPLocations.IPLocation,
  tblAssets.Firstseen,
  tblAssets.Lastseen,
  tblBitLockerRecoveryKey.RecoveryKey,
  tblBitLockerRecoveryKey.LastChanged As [Last Scanned]
From tblAssets
  Inner Join tblADComputers On tblAssets.AssetID = tblADComputers.AssetID
  Inner Join tblBitLockerRecoveryKey On tblBitLockerRecoveryKey.AdObjectId =
    tblADComputers.ADObjectID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Left Outer Join tsysOS On tblAssets.OScode = tsysOS.OScode
  Left Outer Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
Where tblAssetCustom.State = 1
Order By tblAssets.AssetName

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting