# regarding bitlocker on server 2008



## PK-her0 (Sep 17, 2007)

what does this mean?

You can also configure BitLocker to save recovery data directly to Active
Directory; this is the recommended management method in enterprise environments.

i dont understand the workings of this...


----------



## PK-her0 (Sep 17, 2007)

does it just save the key to an admin account in AD? where would you locate it etc...


----------



## ratchet (Dec 16, 2001)

PK-her0,
If you are going to use Bitlocker and are running Windows 7 you will want to use Remote Server Administration Tools package for Windows 7 (RSAT). RSAT gives you a new tab when viewing the conputer properties in Active Directory.

When you Bitlocker a machine you have 3 options for key storage, USB key, Network or local drive, and Active Directory.
Using Active Directory method is the most effecient, you can do a find for the computer name in AD and you have the key. 

Using a share you have to either rename every key to the computer name and search the share, if you don't rename the key text file it defaults to password ID which is displayed when Bitlocker is activated.


----------

