6

Windows 10, server 2012 R2 domain

I'm confused about the options for recovering a bitlocker encrypted drive offline.

Lets say I'm encrypting the HDDs of domain computers with bitlocker using TPM (not storing the keys on usb/floppy drives) and backing up the keys to AD and the keys are available to me.

Can I pull a HDD from one of these TPM bitlocker encrypted computers then attach it to another computer as an external drive (with usb to sata cable or whatever) and then recover the bitlocker key from AD for that drive and use it to decrypt it and read the data?

red888
  • 4,069
  • 16
  • 58
  • 104
  • `Can I pull a HDD from one of these TPM bitlocker encrypted computers then attach it to another computer as an external drive (with usb to sata cable or whatever) and then recover the bitlocker key from AD for that drive and use it to decrypt it and read the data?` - Yes. – joeqwerty Jun 24 '16 at 14:00

1 Answers1

7

When you attempt to boot from the drive and the TPM doesn't have the key, BitLocker will prompt you to enter the recovery key. You then look it up in Active Directory and type it in.

If you hook up the drive as a secondary drive, then when you open it in Explorer, it will ask you for the recovery key.

longneck
  • 22,793
  • 4
  • 50
  • 84