Some user Bitlocker Recovery Keys is missing in AAD

Question

Some user Bitlocker Recovery Keys is missing in AAD

AVIJIT DAS 31

We have deployed BitLocker using AAD, the new device & existing default is successfully enrolled in BitLocker, and the recovery key is stored in AAD, but some device received our BitLocker policy but we don't see any recovery key on AAD, Need assistance for troubleshooting.

Reza-Ameri 17,336 Reputation points Volunteer Moderator

2022-09-14T15:33:50.58+00:00

You may start by checking the Event Viewer and check log files and see if there is any issue there?
How long they connected to the AAD?
Are they enforcing other policies?

1 answer

Your answer

Reza-Ameri 17,336 Reputation points Volunteer Moderator

2022-09-14T15:33:50.58+00:00

You may start by checking the Event Viewer and check log files and see if there is any issue there?
How long they connected to the AAD?
Are they enforcing other policies?

Answer 1

Hello there,

What BitLocker group policy settings did you configure for all users?

BitLocker recovery passwords are only saved to AD and AAD at the time they are set (or reset). Thus, you must either rotate them (which can be done using Intune) or send a script to them to force them to save their keys to AAD.

Here is a similar case with marked answers.

Missing Bitlocker Recovery Keys in AAD/InTune https://learn.microsoft.com/en-us/answers/questions/756891/missing-bitlocker-recovery-keys-in-aadintune.html
Bitlocker Recovery Key is not present in AD for some users https://learn.microsoft.com/en-us/answers/questions/410264/bitlocker-recovery-key-not-present-in-ad-for-some.html

----------------------------------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept it as an answer–

Share via

Some user Bitlocker Recovery Keys is missing in AAD

1 answer

Your answer