Need BitLocker recovery to be saved in Entra ID

Anonymous
2024-08-27T13:10:29+00:00

We have a client setup which only has Entra ID joined devices and no on-prem AD. We have a requirement to enable BitLocker on the devices, storing the BitLocker recovery keys in Entra ID (without Intune).

Kindly suggest a solution/steps.

This question was migrated from the Microsoft Support Community.

2 answers

  1. Anonymous
    2024-08-28T05:59:48+00:00

    Hello,

    Thank you for posting in Microsoft Community forum.

    Based on the description, I understand your question is related to needing BitLocker recovery to be saved in Entra ID.

    Open the Group Policy Management Console.

    Create a new Group Policy Object (GPO) or edit an existing one.

    Navigate to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption.

    Enable the policy Store BitLocker recovery information in Active Directory Domain Services (AD DS).

    Configure the policy to back up recovery passwords and key packages.

    Have a nice day. 

    Best Regards,

    Molly

  2. Anonymous
    2024-09-04T20:03:45+00:00

    Hi Molly,

    Stumbled across this post. The instructions you provided appear to be for Active Directory backup via on-prem Group Policy.

    The original question is how to back it up to Entra AD without use of on-prem Active Directory, also without using Intune to manage the device.

    URath

    I'm not certain this is possible without either enrolling the devices in Intune Management, or possibly using Microsoft Defender endpoint to manage the escrow of BitLocker recovery to Entra. I'm also exploring this and found this article. So far I've not been able to make it work.

    3 people found this answer helpful.
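
An added example, not part of either answer above: a per-device script that escrows the BitLocker recovery password to Entra ID using only the built-in BitLocker PowerShell module, with no Group Policy, on-prem AD or Intune involved. It assumes an elevated session on an Entra-joined device with a TPM, and that only the OS volume is in scope; how the script is delivered to devices is left open.

```powershell
#Requires -RunAsAdministrator
# Added example: escrow the OS volume's BitLocker recovery password to Entra ID.
$ErrorActionPreference = 'Stop'

# The backup call needs an Entra device identity, so check the join state first.
if (-not (dsregcmd /status | Select-String -Pattern 'AzureAdJoined\s*:\s*YES')) {
    throw 'Device is not Entra joined; the recovery key cannot be escrowed to Entra ID.'
}

$mount = $env:SystemDrive            # assumption: only the OS volume is handled
$vol   = Get-BitLockerVolume -MountPoint $mount

# A recovery password protector is what gets stored in Entra ID; add one if missing.
if (-not ($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')) {
    Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector | Out-Null
    $vol = Get-BitLockerVolume -MountPoint $mount
}

# Escrow every recovery password protector before any encryption starts,
# so a device is never encrypted with a key that exists only locally.
$recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
foreach ($kp in $recovery) {
    BackupToAAD-BitLockerKeyProtector -MountPoint $mount -KeyProtectorId $kp.KeyProtectorId | Out-Null
}

# Confirm the escrow from the BitLocker management log (event 845 = backed up to Azure AD).
$ok = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-BitLocker/BitLocker Management'
    Id      = 845
} -MaxEvents 1 -ErrorAction SilentlyContinue
if (-not $ok) { throw 'No successful Entra ID backup event found; not enabling encryption.' }

# Only now turn encryption on, if the volume is still unencrypted.
if ($vol.VolumeStatus -eq 'FullyDecrypted') {
    Enable-BitLocker -MountPoint $mount -EncryptionMethod XtsAes256 -UsedSpaceOnly -TpmProtector | Out-Null
}

# Report protector IDs only; never print the recovery password itself.
$recovery | Select-Object KeyProtectorId, KeyProtectorType
```

After a successful run, the key should be listed under the device's BitLocker keys in the Entra admin center, matched by the protector ID the script prints.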