# Backup-BitlockerKeys.ps1
# by Mark Randol
# randoltech.blogspot.com
# This script iterates through all of your possibly encryptable drives
# and if they are encrypted, backs up the keys to Active Directory.
$PossibleDrives = Get-BitLockerVolume
foreach ($Drive in $PossibleDrives)
{
$DriveLetter = $Drive.MountPoint
$Protectors = ((Get-BitLockerVolume -MountPoint $DriveLetter).KeyProtector)
foreach ($Protectors in $Protectors) {
$ProtectorID = $Protector.KeyProtectorId
$ProtectorType = $Protector.KeyProtectorType
if ($ProtectorType -eq "RecoveryPassword") {
Backup-BitLockerKeyProtector -MountPoint $DriveLetter -KeyProtectorId $ProtectorID -Verbose
}
}
}
Tuesday, October 1, 2019
A little script to back up your BitLocker keys to Active Directory
If you are using Azure AD then change Backup-BitLockerKeyProtector to BackupToAAD-BitLockerKeyProtector
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment