BitLocker Recovery Key in AD - Purge old keys?

Is it possible to delete old recovery keys that are stored in the AD Computer objects? Is there a limit to the amount of keys that can be stored in such an object? 


Answers (1)

Posted by: jdornan 10 years ago
Red Belt

Storing the BitLocker key in AD changes the computer account from a leaf object to a container object. The BitLocker key is stored as a child object to the related computer parent.

I'm not aware of any limits. To delete, you would address it as a child of the parent object. By default, deleting computers with child objects is disabled and needs to be enabled, so I'm sure it is the same with the children.

  • Computer objects are already container objects (by default) - muebel 10 years ago
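
The deletion the answer describes, as an added example that is not part of the original thread: it enumerates the `msFVE-RecoveryInformation` child objects under one computer account and removes all but the most recent. It assumes the ActiveDirectory (RSAT) module, delete rights on those objects, and that the newest object by `whenCreated` is the one matching the drive's current protector; the function name and `LAPTOP-042` are hypothetical.

```powershell
#requires -Modules ActiveDirectory

# Hypothetical helper (added example): prune old BitLocker recovery objects
# stored as children of a computer account, keeping the newest $Keep entries.
function Remove-StaleBitLockerRecoveryInfo {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        # Number of most recent recovery objects to retain.
        [ValidateRange(1, 100)] [int] $Keep = 1
    )

    $computer = Get-ADComputer -Identity $ComputerName

    # Recovery passwords are direct children of the computer object, so a
    # one-level search rooted at its DN returns exactly that machine's keys.
    $keys = @(
        Get-ADObject -SearchBase $computer.DistinguishedName -SearchScope OneLevel `
            -Filter "objectClass -eq 'msFVE-RecoveryInformation'" `
            -Properties whenCreated |
        Sort-Object whenCreated -Descending
    )

    Write-Verbose "$($keys.Count) recovery object(s) under $($computer.DistinguishedName)"

    # Assumption: newest whenCreated == current protector. Confirm against
    # 'manage-bde -protectors -get C:' on the client before a real run.
    $keys | Select-Object -Skip $Keep | ForEach-Object {
        if ($PSCmdlet.ShouldProcess($_.DistinguishedName, 'Remove recovery object')) {
            Remove-ADObject -Identity $_ -Confirm:$false
        }
    }
}

# Usage (dry run, changes nothing in AD; computer name is a placeholder):
# Remove-StaleBitLockerRecoveryInfo -ComputerName 'LAPTOP-042' -Keep 1 -WhatIf -Verbose
```

Run it with `-WhatIf` first and compare the retained object's name, which embeds the protector GUID, with the key protector ID reported on the client.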
