立即与支持人员聊天
与支持团队交流

Active Roles 8.0.1 LTS - Console User Guide

Introduction Getting started User or service account management Group management Computer account management Organizational Unit management Contact management Exchange recipient management

Managing a remote computer

The Active Roles Console allows you to open the Computer Management console from which you can administer a remote computer. Computer Management combines several administration utilities into a single console, providing easy access to the computer’s administrative properties and tools. You must have administrative rights on the computer to view certain information or to modify computer properties using Computer Management.

To manage a remote computer

  1. In the Console tree, locate and select the folder that contains the computer account of the computer you want to manage.

  2. In the details pane, right-click the computer account, then click Manage to open the Computer Management console.

NOTE: To locate the computer account of the computer you want to manage, use the Find function of Active Roles. Once you found the computer account, right-click the computer account in the list of search results, then click Manage.

Using a remote desktop connection

From the Active Roles Console, you can access a computer through Remote Desktop Connection. The Connect via RDP command on a computer object allows you to establish a Remote Desktop Connection session to the computer represented by that computer object in Active Directory.

By supporting Remote Desktop Connection, Active Roles enables you to access a remote computer from your computer running the Active Roles Console. However, the object representing the remote computer must be available in the Console. This requires that the remote computer be a member of one of the domains managed by Active Roles. Additionally, the commonly-known requirements must be met that apply to Remote Desktop Connection: The remote computer must have Remote Desktop enabled, it must be available on the network, and it must be configured so that the user has permission to connect.

To access a computer through Remote Desktop Connection

  1. In the Active Roles Console, locate the desired computer object.

  2. Right-click the computer object and click Connect via RDP.

Viewing BitLocker recovery passwords

Active Roles allows you to locate and view BitLocker recovery passwords that are stored in Active Directory. This tool helps to recover data on a drive that has been encrypted by using BitLocker. You can examine a computer object’s property pages to view the corresponding BitLocker recovery passwords. Additionally, you can perform a domain-wide search for a BitLocker recovery password.

Administrators can configure BitLocker Drive Encryption to back up recovery information for BitLocker-protected drives to Active Directory. Recovery information includes the recovery password for each BitLocker-protected drive, and the information required to identify which computers and drives the recovery information applies to. Backing up recovery passwords for BitLocker-protected drives allows administrators to recover the drive if it is locked, thereby ensuring that authorized persons can always access encrypted data belonging to the enterprise.

To view BitLocker recovery passwords, you must have been granted the appropriate permissions in Active Roles. The following Access Template provides sufficient permissions to view BitLocker recovery passwords:

  • Computer Objects - View BitLocker Recovery Keys

  • In addition, viewing BitLocker recovery passwords in a given Active Directory domain requires the following:

    • The domain must be configured to store BitLocker recovery information. For more information, see Backing Up BitLocker and TPM Recovery Information to AD DS.

    • The computers protected by BitLocker must be joined to the domain.

    • BitLocker Drive Encryption must have been enabled on the computers.

How to view BitLocker recovery passwords

The following procedures describe the most common tasks that apply to locating and viewing BitLocker recovery passwords.

To view the BitLocker recovery passwords for a computer

  1. In the Active Roles Console, locate the desired computer object.

  2. Right-click the computer object, and then click Properties.

  3. In the Properties dialog, click the BitLocker Recovery tab to view the BitLocker recovery passwords that are associated with the computer you’ve selected.

To copy the BitLocker recovery password for a computer

  1. Follow the steps in the previous procedure to view the BitLocker recovery passwords.

  2. On the BitLocker Recovery tab of the Properties dialog, perform the following steps:

    1. In the BitLocker Recovery Passwords list, click the desired password ID.

    2. Right-click in the Details box, click Select All, then click Copy.

  3. Press CTRL+V to paste the copied text to a destination location, such as a text file or spreadsheet.

You can use the Active Roles Web Interface to view the BitLocker recovery passwords for a computer. To do so, select the computer object, then choose the BitLocker Recovery command.

To locate a BitLocker recovery password

  1. In the Active Roles Console or Web Interface, select the domain object, then choose the Find BitLocker Recovery Password command.

  2. On the Find BitLocker Recovery Password page, type the first eight characters of the BitLocker recovery key identification in the Password ID (first 8 characters) box, then click Search.

You can also search for a BitLocker recovery password in all managed domains by choosing the Find BitLocker Recovery Password command on the Active Directory node in the Active Roles Console or Web Interface.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级