Export Bitlocker recovery keys from AD using PowerShell
This exports list of BitLocker recovery keys from AD. Found it somewhere from web.
#Prompt for AD user to use
$Creds=Get-Credential
#Connect to DC
Connect-QADService -service "dc01.domain.local:389" -credential $Creds
#Custom variables
$CsvFilePath = "C:\temp\BitLockerComputerReport.csv"
#Create array to hold computer information
$export = @()
#Export computers not Bitlocker-enabled to a CSV-file
$BitLockerEnabled = Get-QADObject -SizeLimit 0 -IncludedProperties Name,ParentContainer,msFVE-RecoveryPassword | Where-Object {$_.type -eq "msFVE-RecoveryInformation"} | Foreach-Object {
#Create custom object for each computer
$computerobj = New-Object -TypeName psobject
#Add name and operatingsystem to custom object
$computerobj | Add-Member -MemberType NoteProperty -Name Name -Value (Split-Path -Path $_.ParentContainer -Leaf)
$computerobj | Add-Member -MemberType NoteProperty -Name "msFVE-RecoveryPassword" -Value $_."msFVE-RecoveryPassword"
$export += $computerobj
}
#Export the array with computerinformation to the user-specified path
$export | Export-Csv -Path $CsvFilePath -NoTypeInformation
Comments
Post a Comment
Got something to say?!