Windows Vista Bitlocker Active Directory Schema

R

Ragnar

Hi

Where can I find the Active Directory Schema script/procedure required to
enable Bitlocker recovery to Active Directory? Isn't it available for
download yet?

Thanks.

Regards,
Ragnar
 
R

Ragnar

Thanks for your reply.

However I have already tried these schema extensions in a test environment -
they did not help me enable Bitlocker recovery to AD. The
"VistaSecurity_TWP.doc" document refers to something called "BitLocker
Active Directory Deployment Pack". Do you (or anyone else) know where I may
get a hold of this, seems that this will contain additional details as well
as the "AddWriteACEs.vbs" script needed to configure some permissions.

Regards,
Ragnar





"Jorge de Almeida Pinto [MVP - DS]"
 
M

Mika Seitsonen

Hi Ragnar,

You should not use ADprep on Vista DVD as the results are not what you look
for. Microsoft will make information on storing Bitlocker Recovery keys in
AD available soon - I'd guess when its ready ;) ADprep command and accompanying
ldf files on Vista DVD are there for informational purpose only and as such
they should not be used in production AD (2000/2003/R2).

HTH
Mika
 
R

Ragnar

Hi

Yes I also found that it did not work with these schema extensions. So it is
as I feared - patience is required while we wait on Microsoft to provide the
necessary information and tools....Thanks.


/Ragnar
 
M

Mika Seitsonen

Hi again,

The guide and included LDIF file and scripts are finally available:
http://www.microsoft.com/downloads/...15-dfc3-4579-90cd-86ac666f61d4&displaylang=en

A bit more information on http://msmvps.com/blogs/mika/archiv...p-bitlocker-and-tpm-recovery-information.aspx.
I've tested all of the tools with Lenovo Thinkpad T60 and found them working:)

HTH
Mika
Hi

Yes I also found that it did not work with these schema extensions. So
it is as I feared - patience is required while we wait on Microsoft to
provide the necessary information and tools....Thanks.

/Ragnar

Hi Ragnar,

You should not use ADprep on Vista DVD as the results are not what
you look for. Microsoft will make information on storing Bitlocker
Recovery keys in AD available soon - I'd guess when its ready ;)
ADprep command and accompanying ldf files on Vista DVD are there for
informational purpose only and as such they should not be used in
production AD (2000/2003/R2).

HTH
Mika
Thanks for your reply.

However I have already tried these schema extensions in a test
environment - they did not help me enable Bitlocker recovery to AD.
The "VistaSecurity_TWP.doc" document refers to something called
"BitLocker Active Directory Deployment Pack". Do you (or anyone
else) know where I may get a hold of this, seems that this will
contain additional details as well as the "AddWriteACEs.vbs" script
needed to configure some permissions.

Regards,
Ragnar
"Jorge de Almeida Pinto [MVP - DS]"
message Tomek provides information about this:
http://blogs.dirteam.com/blogs/tomek/archive/2006/12/04/Schema-exte
ns
ions-for-Vista-new-features.aspx
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)-->
http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
-------------------------------------------------------------------
--
---------------------
* This posting is provided "AS IS" with no warranties and confers
no
rights!
* Always test before implementing!
-------------------------------------------------------------------
--
---------------------
#################################################
#################################################
-------------------------------------------------------------------
--
---------------------
Hi

Where can I find the Active Directory Schema script/procedure
required to enable Bitlocker recovery to Active Directory? Isn't
it available for download yet?

Thanks.

Regards,
Ragna
Click to expand...
Click to expand...
Click to expand...
 
R

Ragnar

Thank you for posting this! :)

I'll test it during the weekend....

/Ragnar



Mika Seitsonen said:
Hi again,

The guide and included LDIF file and scripts are finally available:
http://www.microsoft.com/downloads/...15-dfc3-4579-90cd-86ac666f61d4&displaylang=en

A bit more information on
http://msmvps.com/blogs/mika/archiv...p-bitlocker-and-tpm-recovery-information.aspx.
I've tested all of the tools with Lenovo Thinkpad T60 and found them
working:)

HTH
Mika
Hi

Yes I also found that it did not work with these schema extensions. So
it is as I feared - patience is required while we wait on Microsoft to
provide the necessary information and tools....Thanks.

/Ragnar

Hi Ragnar,

You should not use ADprep on Vista DVD as the results are not what
you look for. Microsoft will make information on storing Bitlocker
Recovery keys in AD available soon - I'd guess when its ready ;)
ADprep command and accompanying ldf files on Vista DVD are there for
informational purpose only and as such they should not be used in
production AD (2000/2003/R2).

HTH
Mika
Thanks for your reply.

However I have already tried these schema extensions in a test
environment - they did not help me enable Bitlocker recovery to AD.
The "VistaSecurity_TWP.doc" document refers to something called
"BitLocker Active Directory Deployment Pack". Do you (or anyone
else) know where I may get a hold of this, seems that this will
contain additional details as well as the "AddWriteACEs.vbs" script
needed to configure some permissions.

Regards,
Ragnar
"Jorge de Almeida Pinto [MVP - DS]"
message Tomek provides information about this:
http://blogs.dirteam.com/blogs/tomek/archive/2006/12/04/Schema-exte
ns
ions-for-Vista-new-features.aspx
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)-->
http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
-------------------------------------------------------------------
--
---------------------
* This posting is provided "AS IS" with no warranties and confers
no
rights!
* Always test before implementing!
-------------------------------------------------------------------
--
---------------------
#################################################
#################################################
-------------------------------------------------------------------
--
---------------------
Hi

Where can I find the Active Directory Schema script/procedure
required to enable Bitlocker recovery to Active Directory? Isn't
it available for download yet?

Thanks.

Regards,
Ragnar
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Extending Active Directory Schema for Bitlocker recovery information 7
Re-install computers using BitLocker and TPM 6
unbelievable TPM/Bitlocker confusion 9
Can I still use bitlocker without TPM chip? 1
BitLocker and Windows Vista Business 5
Bitlocker fails to install 5
Enable encrypt file not bitlocker on windows vista Home Premium 10
[MSFT] Windows 7 Backup Fails 0x81000031 1

Top