Enable group/users view to the attribute 'ms FVE RecoveryInformation' (BitLocker Recovery Password View) (4276307)

Enable group/users view to the attribute 'ms FVE RecoveryInformation' (BitLocker Recovery Password View)

Active Roles has the ability to search for and retrieve BitLocker recovery passwords that are stored in Active Directory. This feature helps administrators recover data on BitLocker-encrypted drives.

 

You may find it necessary to delegate rights to view only to some members of your admin group.

To delegate View permissions to BitLocker recovery passwords, a new Access Template can be created:

 

1.  On Select object classes to apply permissions on to click on: Only the following classes
2.  Locate and select class: ms FVE RecoveryInformation
3.  Click Next and select Object property access from Select Permissions Category
4.  Select the Read properties check box
5.  Apply the newly create Access Template to the appropriate group

NOTE: It may be necessary to also apply the following built-in access template: Computer Objects - View BitLocker Recovery Keys