This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 10 - Force to send Bitlocker recovery key

Hello,

We installed SafeGuard Enterprise Client 7.0.2 on a Windows 10 client and we encrypted its Boot Volume using a Device Protection policy.

The Bitlocker PIN was asked to user and the Bitlocker encryption has finished.

However, we are unable to retrieve a recovery key (menu Tools > Recovery) in SafeGuard Management Center. A "Invalid drive" error message is shown.

Is there a way to force the Windows 10 client to send the Bitlocker recovery key to SafeGuard Server ?

Or is there another solution to correct this problem ?

We are knowing the current PIN used at startup by Bitlocker encryption.

Thank you by advance.



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember
    Hello Loic,

    Has the encryption definitely finished and encrypted the drive?
    Is this definitely the right machine you're looking at?
    If you go onto the client machine and do the following you can backup the key:
    - Search for 'Control'
    - Click Control Panel
    - System and Security
    - BitLocker Drive Encryption
    - Backup your recovery key
    You can then save the key somewhere safe.
    I would recommend investigating further the issue with the drive to make sure there isn't anything wrong.
  • Thank you for this trick !
    I made a manual backup of the key and stored it on the SafeGuard Server Windows machine.

    We will investigate with Sophos support how to manage Bitlocker recovey with the SafeGuard Management Center.

    Kind regards,

    Loïc

  • Toby,

    We use SafeGuard Easy. We use the Policy Manager to create and apply policies. We encrypt drives and then apply the exported policy. When a user forgets their encryption password we use the Policy Manager Recovery option with Challange Response. With our 1st Windows 10 installation we chose to use SafeGuard Encryption with Bitlocker. There is no Challenage Response when using SafeGuard with Bitlocker, how do I recover? If there is no way to recover without the Bitlocker Recovery Key, which is seperate from the SafeGuard recovery key, I don't understand the advantage of using SafeGuard Encryption as we do in stand-alone mode.

    Jeff Jackson

    Summit Computer Services