Devices with BitLocker enabled can be migrated successfully from the source Active Directory to the target Active Directory. However, the BitLocker recovery keys themselves do not sync from source to target.
Cause
When BitLocker keys are backed up to AD, the recovery information is stored in a child object of the computer object (class msFVE-RecoveryInformation) rather than in attributes of the computer object itself. Child objects are not supported for synchronization or migration, so the recovery information is not carried across. BitLocker keys stored in SQL are also not supported for migration.
Workaround
After a computer has been moved to the target domain, the administrator must first configure the target environment for BitLocker (schema and Group Policy for recovery information backup). Once that is complete, migrate the keys to the target manually, or create a script to migrate the keys in bulk.
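One way to script the bulk step, added here as an example and not the article's own procedure: copy each msFVE-RecoveryInformation child object from the computer in the source domain to the already-migrated computer in the target domain. It assumes the RSAT ActiveDirectory module, a target forest whose schema already contains the BitLocker classes, rights to read and create these objects in both domains, and placeholder domain controller and computer names.

```powershell
# Added example (not from the original article). Copies BitLocker recovery objects
# for one computer from the source domain to the target domain. Domain controller
# and computer names below are placeholders.
Import-Module ActiveDirectory

$SourceDC     = 'dc01.source.example'   # placeholder
$TargetDC     = 'dc01.target.example'   # placeholder
$ComputerName = 'WKS-0001'              # placeholder

# The target computer object must already exist, i.e. the device was migrated first.
$srcComputer = Get-ADComputer -Identity $ComputerName -Server $SourceDC
$dstComputer = Get-ADComputer -Identity $ComputerName -Server $TargetDC

$filter = "objectClass -eq 'msFVE-RecoveryInformation'"

# Recovery information lives in child objects directly under the computer object.
$recoveryObjects = Get-ADObject -Server $SourceDC -SearchBase $srcComputer.DistinguishedName `
    -SearchScope OneLevel -Filter $filter `
    -Properties msFVE-RecoveryPassword, msFVE-RecoveryGuid, msFVE-VolumeGuid, msFVE-KeyPackage

# Names already present on the target, so the script can be re-run safely.
$existingNames = Get-ADObject -Server $TargetDC -SearchBase $dstComputer.DistinguishedName `
    -SearchScope OneLevel -Filter $filter | ForEach-Object { $_.Name }

foreach ($obj in $recoveryObjects) {
    if ($existingNames -contains $obj.Name) {
        Write-Verbose "Skipping $($obj.Name): already present on target"
        continue
    }

    # Keep the original object name (timestamp + recovery GUID) and the raw attribute
    # values so that a lookup by recovery key ID in the target still matches what the
    # BitLocker recovery screen on the client shows.
    $attrs = @{
        'msFVE-RecoveryPassword' = $obj.'msFVE-RecoveryPassword'
        'msFVE-RecoveryGuid'     = $obj.'msFVE-RecoveryGuid'
        'msFVE-VolumeGuid'       = $obj.'msFVE-VolumeGuid'
    }
    # The key package is optional; only copy it when the source object has one.
    if ($obj.'msFVE-KeyPackage') { $attrs['msFVE-KeyPackage'] = $obj.'msFVE-KeyPackage' }

    New-ADObject -Server $TargetDC -Type 'msFVE-RecoveryInformation' -Name $obj.Name `
        -Path $dstComputer.DistinguishedName -OtherAttributes $attrs
    Write-Host "Migrated recovery object $($obj.Name) for $ComputerName"
}
```

Wrap the body in a loop over Get-ADComputer results to process a whole OU, and confirm afterwards that a target helpdesk user can resolve a recovery key ID from one migrated machine before bulk-running it.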