Get Bitlocker Recovery Key From Ad -

# On the BitLocker-protected machine, retrieve the recovery key protector's ID manage-bde -protectors -get c: manage-bde -protectors -adbackup c: -id GUID-from-protector-list

But the more direct AD query uses the ActiveDirectory module: get bitlocker recovery key from ad

# Load AD module Import-Module ActiveDirectory Get-ADObject -Filter objectClass -eq 'msFVE-RecoveryInformation' -SearchBase "CN=ComputerName,OU=Workstations,DC=contoso,DC=com" -Properties msFVE-RecoveryPassword, msFVE-RecoveryGuid Alternatively, search by recovery password ID (GUID) Get-ADObject -Filter msFVE-RecoveryGuid -eq "GUID-HERE" -Properties msFVE-RecoveryPassword Option B: Using ActiveDirectory Module to Search by Computer $computerName = "WS-10234" $computer = Get-ADComputer $computerName $recoveryInfo = Get-ADObject -Filter objectClass -eq 'msFVE-RecoveryInformation' -SearchBase $computer.DistinguishedName -Properties msFVE-RecoveryPassword, msFVE-RecoveryGuid $recoveryInfo | Select-Object Name, @N="RecoveryPassword";E=$ .msFVE-RecoveryPassword, @N="PasswordID";E=$ .msFVE-RecoveryGuid Method 3: Using manage-bde (Local or Remote via PSExec) If you are on the local computer or can access it remotely, you can query AD via manage-bde. # On the BitLocker-protected machine, retrieve the recovery