Here’s what I have been running.<\/p>\n
$pc = Get-ADComputer PC01\n$dn = $pc.DistinguishedName\n$ldPath = \"AD:\\\",$dn -join \"\"\n$ldObj = Get-ChildItem $ldPath | where {$_.objectClass -eq \"msFVE-RecoveryInformation\" }\n<\/code><\/pre>\n$objComputer = Get-ADComputer <ComputerName>\n$Bitlocker_Object = Get-ADObject -Filter {objectclass -eq 'msFVE-RecoveryInformation'} -SearchBase $objComputer.DistinguishedName -Properties 'msFVE-RecoveryPassword'\n$Bitlocker_Object.msFVE-RecoveryPassword\n<\/code><\/pre>\n
Advertisement
Am I missing something?<\/p>","upvoteCount":5,"answerCount":5,"datePublished":"2019-09-24T14:51:34.000Z","author":{"@type":"Person","name":"mikepolselli","url":"https://community.spiceworks.com/u/mikepolselli"},"acceptedAnswer":{"@type":"Answer","text":"
Wasn’t running the query with admin privileges, that’ll do it.<\/p>","upvoteCount":2,"datePublished":"2019-09-24T15:02:19.000Z","url":"https://community.spiceworks.com/t/cannot-get-bitlocker-key-from-ad-via-powershell/731568/2","author":{"@type":"Person","name":"mikepolselli","url":"https://community.spiceworks.com/u/mikepolselli"}},"suggestedAnswer":[{"@type":"Answer","text":"
So from what I’ve read this should<\/em> be pretty simple but for some reason every query I run returns with no output on multiple computer objects that 100% do have a bitlocker key stored in them.<\/p>\nHere’s what I have been running.<\/p>\n
$pc = Get-ADComputer PC01\n$dn = $pc.DistinguishedName\n$ldPath = \"AD:\\\",$dn -join \"\"\n$ldObj = Get-ChildItem $ldPath | where {$_.objectClass -eq \"msFVE-RecoveryInformation\" }\n<\/code><\/pre>\n$objComputer = Get-ADComputer <ComputerName>\n$Bitlocker_Object = Get-ADObject -Filter {objectclass -eq 'msFVE-RecoveryInformation'} -SearchBase $objComputer.DistinguishedName -Properties 'msFVE-RecoveryPassword'\n$Bitlocker_Object.msFVE-RecoveryPassword\n<\/code><\/pre>\nAm I missing something?<\/p>","upvoteCount":5,"datePublished":"2019-09-24T14:51:34.000Z","url":"https://community.spiceworks.com/t/cannot-get-bitlocker-key-from-ad-via-powershell/731568/1","author":{"@type":"Person","name":"mikepolselli","url":"https://community.spiceworks.com/u/mikepolselli"}},{"@type":"Answer","text":"
$ADObject = get-ADObject -Filter * | ? {$_.DistinguishedName -match $ComputerObject.Name -and $_.ObjectClass -eq \"msFVE-RecoveryInformation\") | ft\n<\/code><\/pre>\nTry that and report back findings<\/p>","upvoteCount":0,"datePublished":"2019-09-24T15:03:23.000Z","url":"https://community.spiceworks.com/t/cannot-get-bitlocker-key-from-ad-via-powershell/731568/3","author":{"@type":"Person","name":"gregory-for-microsoft","url":"https://community.spiceworks.com/u/gregory-for-microsoft"}},{"@type":"Answer","text":"