
Output BitLocker recovery password

February 16, 2024 Views: 5008

The script adds the BitLocker recovery password of the computer on which it is executed to the Execution Log. When the script runs, the Execution Log is displayed to users.

To execute the script, you can, for example, create a custom command to display recovery passwords to users. Since recovery information is stored in computer objects in AD, you need to create a custom command executed on Computer objects.

To add the script to a custom command, use the Run a program or PowerShell script action.
# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = New-AdmCriteria -Type "msFVE-RecoveryInformation"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.SetPropertiesToLoad(@("msFVE-RecoveryPassword", "name"))

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    if ($searchResults.Count -eq 0)
    {
        # No BitLocker recovery information found under the current computer object
        $Context.LogMessage("This computer doesn't store its BitLocker recovery information in AD", 
            "Information") # TODO: modify me
        return
    }
    
    foreach ($searchResult in $searchResults)
    {
        $name = $searchResult.Properties["name"].Value
        $recoveryPassword = $searchResult.Properties["msFVE-RecoveryPassword"].Value
        
        $Context.LogMessage("Recovery information entry: " + $name, "Information")
        $Context.LogMessage("Recovery password: " + $recoveryPassword, "Information")
    }
}
finally
{
    # Release resources used by the search
    # (the iterator is still null if ExecuteSearch itself failed)
    if ($searchResultIterator) { $searchResultIterator.Dispose() }
}
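
The same lookup outside Adaxes, as an added example that is not part of the original script or of the Adaxes product: it reads the msFVE-RecoveryInformation child objects of a computer with the RSAT ActiveDirectory module and can narrow the result to the key ID shown on the BitLocker recovery screen. The function name and its parameters are hypothetical, and it assumes the entry name has the form `<timestamp>{<key ID>}` that BitLocker writes when it backs up to AD.

```powershell
#Requires -Modules ActiveDirectory
# Added example (not Adaxes code). Function and parameter names are hypothetical.

function Get-BitLockerRecoveryEntry {
    [CmdletBinding()]
    param(
        # Name, DN or GUID of the computer account
        [Parameter(Mandatory)] [string] $ComputerName,
        # Optional: leading characters of the key ID shown on the recovery screen
        [string] $KeyIdPrefix
    )

    $computer = Get-ADComputer -Identity $ComputerName

    # Recovery entries are stored as child objects of the computer object
    $entries = @(Get-ADObject -SearchBase $computer.DistinguishedName -SearchScope Subtree `
        -Filter "objectClass -eq 'msFVE-RecoveryInformation'" `
        -Properties 'msFVE-RecoveryPassword', 'whenCreated')

    if ($entries.Count -eq 0) {
        Write-Warning "$($computer.Name) has no BitLocker recovery information in AD"
        return
    }

    # Newest first: a computer can hold several entries (one per protector rotation)
    foreach ($entry in $entries | Sort-Object whenCreated -Descending) {
        # Assumed name format: <timestamp>{<key ID GUID>}
        $keyId = if ($entry.Name -match '\{(?<id>[0-9A-Fa-f-]{36})\}') { $Matches['id'] } else { $null }

        if ($KeyIdPrefix) {
            $isMatch = $keyId -and
                $keyId.StartsWith($KeyIdPrefix, [StringComparison]::OrdinalIgnoreCase)
            if (-not $isMatch) { continue }
        }

        [pscustomobject]@{
            Computer         = $computer.Name
            KeyId            = $keyId
            Created          = $entry.whenCreated
            RecoveryPassword = $entry.'msFVE-RecoveryPassword'
        }
    }
}
```

The account running it needs read access to the msFVE-RecoveryPassword attribute, which AD marks as confidential, so reading it has to be delegated explicitly.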
Comments 4
Alexander Bøegh May 23, 2024
Hi Adaxes
Thanks for this script. Could we get one that pulls the information from Azure instead of the local AD?
Support May 23, 2024
Hello Alexander,

Unfortunately, we do not have such a script.
Andrew Millican Oct 15, 2024
When using this custom command in the web console, the recovery information cannot be copied from the results window. Is there something I need to change or allow for it to be able to be copied?
Support Oct 16, 2024
Hello Andrew,

There are no such restrictions in Adaxes. If you face issues copying data from the execution log, the only possible cause is your web browser settings.
Andrew Millican Oct 16, 2024
Yeah, we figured it out, when you select it it's highlighted, so we thought you could copy it. Ended up we just needed to select the text. So yes, it was user error.