Hello,
I had a few questions regarding auditing a SafeGuard server to determine which computer accounts are missing recovery key information. I was able to dig up an article from way back when but it is no longer accessible - https://community.sophos.com/products/safeguard-encryption/f/sophos-safeguard-products/5663/workstation-locked-no-backup-key-available-help. I would like to run a script on the server side to determine which computers are missing recovery information.
This all spawned from an issue with a client that was able to perform SafeGuard/Bitlocker Challenge/Response but the computer would attempt startup repair and then go back to requiring a USB key (SafeGuard Challenge/Response). I then went to grab the actual .bek file from the console but got an error that it was not available. I'm wondering how this could have happened as this is the first time we've experienced it and ways to prevent it from happening. I believe the original lockout occurred from a Microsoft update that had issues - KB4058043 installed on 4/3/18.
This thread was automatically locked due to age.