
With Windows 10, Microsoft fully supports Azure AD (Active Directory) Join out of the box. This is great for small and medium-sized companies that don't have any on-premises infrastructure and heavily leverage the cloud. One of the great benefits of Azure Active Directory is the ability to store BitLocker encryption keys online. This quick guide assumes the computer is already joined to Azure Active Directory. At the time of this post, there seems to be no way to automate this process, but who knows what the future holds.

BitLocker setup and storing the keys in Azure AD

1. Access the BitLocker menu by clicking on the Windows Icon > Type in BitLocker > Select Manage BitLocker

2. Select Turn On BitLocker

3. You will be prompted to choose where you want to save your recovery key. Select Save to your cloud domain account

4. Now select the Drive Encryption Preference > Next > Select the Drive Encryption Mode > Next > Start Encrypting

At this point, the encryption process on your hard drive should begin, and the BitLocker recovery key has been stored in Azure Active Directory. Below are the steps to access the key in Azure AD in the event the computer prompts for it.
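To confirm on the device itself that the steps above took effect, the following read-only check can be run from an elevated PowerShell prompt. It is an added example, not part of the original post, and it assumes the encrypted volume is the OS drive. It prints only the recovery key protector ID (the same ID the BitLocker recovery prompt displays), never the 48-digit recovery password.

```powershell
# Added example: read-only verification of BitLocker state on the local machine.
# Assumption: the volume encrypted in the steps above is the OS drive.
$MountPoint = $env:SystemDrive

$vol = Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop

# Summarize the encryption state of the volume.
[pscustomobject]@{
    MountPoint           = $vol.MountPoint
    VolumeStatus         = $vol.VolumeStatus          # e.g. EncryptionInProgress, FullyEncrypted
    EncryptionPercentage = $vol.EncryptionPercentage
    ProtectionStatus     = $vol.ProtectionStatus      # On / Off
    EncryptionMethod     = $vol.EncryptionMethod
} | Format-List

# The recovery key is held by a key protector of type RecoveryPassword.
$recovery = @($vol.KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

if ($recovery.Count -eq 0) {
    # Without this protector there is no recovery key to look up later.
    Write-Warning "No recovery password protector found on $MountPoint."
}
else {
    # Print the protector IDs only; do not echo the recovery password itself.
    foreach ($kp in $recovery) {
        "Recovery key protector ID: $($kp.KeyProtectorId)"
    }
}

# Flag states in which the data is not yet protected at rest.
if ($vol.VolumeStatus -ne 'FullyEncrypted') {
    Write-Warning "Encryption is not complete ($($vol.EncryptionPercentage)% done)."
}
if ($vol.ProtectionStatus -ne 'On') {
    Write-Warning "BitLocker protection is not on for $MountPoint."
}
```

Record the protector ID alongside the hostname so that, when a recovery prompt appears, the ID on screen can be matched to the right device before a key is read out.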

 

Accessing the BitLocker Recovery Key in Azure Active Directory

1. Azure Active Directory is currently in the classic portal, so log in here: https://manage.windowsazure.com with your credentials and select your Active Directory Name

2. Select Users at the top, then search for and select the user that the computer is assigned to. In my case, it was Test User.

3. Once the user profile appears, select Devices > Change the View drop-down box to Devices > Select the computer Hostname (in my case it was DESKTOP-QM6QLOH) > Select View Details at the bottom

4. The BitLocker Recovery Key will appear in the window here