In order Help Desk Support Team to see BitLocker Recovery Keys in AD they must have appropriate permissions.
MS provided a script that should
be executed on Domain Controller and will allow to the members of the specified
AD Security Group to have Read permissions on BitLocker objects in AD.
Here is the link from MS. The
script for delegating permission in AD is in Appendix A:
No comments:
Post a Comment