
Extracting BitLocker Recovery Keys from Active Directory

30 Jun 2014, CPOL
This tip demonstrates how to use VB.NET to programmatically extract BitLocker Recovery Keys from Active Directory.

Overview

This tip shows how to use VB.NET and the System.DirectoryServices namespace to find a computer account in Active Directory and read the BitLocker recovery passwords stored beneath it (the msFVE-RecoveryPassword attribute of the computer's msFVE-RecoveryInformation child objects).

Contents

  • Article Purpose
  • What is BitLocker?
  • Preparation
  • The Code

Article Purpose

I have written this tip in an attempt to help stem the tide of forum threads regarding the extraction of BitLocker Recovery Keys from Active Directory.

What is BitLocker?

BitLocker Drive Encryption is a full-volume encryption feature available in the business-oriented editions of Microsoft's Windows operating system (Ultimate and Enterprise on Windows 7, Pro and Enterprise from Windows 8 onward). Used by corporations around the world, it encrypts whole volumes so that data at rest cannot be read without the volume key and, when paired with a TPM, refuses to release that key if the boot chain has been modified.

A BitLocker recovery password is a 48-digit number, written as eight groups of six digits, that BitLocker generates when protection is turned on (a separate 256-bit recovery key can also be saved to a file). You can use it to regain access to a computer when the operating system drive is encrypted and BitLocker detects a condition that prevents it from unlocking the drive at start-up, for example a changed boot component, a drive moved to another machine or a forgotten PIN. Anyone holding the recovery password can decrypt the drive, so it needs the same handling as the data it protects.

In most organisations that use BitLocker Drive Encryption, a savvy network administrator will create a Group Policy (from the BitLocker Drive Encryption administrative templates) that backs up each computer's recovery password to Active Directory. The backup creates one msFVE-RecoveryInformation object beneath the computer account for every protected volume, and a new one each time the recovery password is regenerated, so a single computer often has several; each object's name carries the backup time and the recovery password's GUID. A full article on how to create such a policy can be found here.
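The policy only escrows a recovery password at the moment the protector is created, so a machine encrypted before the policy reached it has nothing in Active Directory until someone backs the protector up explicitly. The following PowerShell check is an added example, not code from the original tip; it uses the BitLocker module shipped with Windows 8 / Server 2012 and later, assumes a domain-joined machine with BitLocker enabled on C:, and reads the policy's OSActiveDirectoryBackup value under HKLM\SOFTWARE\Policies\Microsoft\FVE to tell whether AD DS backup is being enforced.

```powershell
# Added example (not from the original tip). Assumes a domain-joined machine with the
# BitLocker module (Windows 8 / Server 2012 or later) and BitLocker enabled on C:.
$mount = 'C:'
$vol = Get-BitLockerVolume -MountPoint $mount -ErrorAction Stop
$recoveryProtectors = @($vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
if ($recoveryProtectors.Count -eq 0) {
    throw "No numeric recovery password protector on $mount; add one with Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector"
}

# The policy writes its settings under HKLM\SOFTWARE\Policies\Microsoft\FVE;
# OSActiveDirectoryBackup = 1 means "save recovery information for OS drives to AD DS".
$policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' -ErrorAction SilentlyContinue
if (-not $policy -or $policy.OSActiveDirectoryBackup -ne 1) {
    Write-Warning 'AD DS backup of OS-drive recovery information is not enforced by policy on this host'
}

# Escrow happens only when a protector is created, so a machine encrypted before the
# policy arrived has nothing in AD until each recovery protector is backed up explicitly.
foreach ($p in $recoveryProtectors) {
    Backup-BitLockerKeyProtector -MountPoint $mount -KeyProtectorId $p.KeyProtectorId
    "Escrowed recovery password protector $($p.KeyProtectorId) for $env:COMPUTERNAME to AD DS"
}
```

Run it elevated on the client; Backup-BitLockerKeyProtector writes the msFVE-RecoveryInformation object under the machine's own computer account, which is exactly what the code later in this tip reads back.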

Preparation

The BitLocker Recovery Password Viewer, an optional feature of the Remote Server Administration Tools (RSAT) package, adds a BitLocker Recovery tab to Active Directory Users and Computers so that stored keys can be viewed and searched by hand; install it if you want to check the output of the code below against the GUI. You can read more about this feature here. The code itself needs only two things: a domain whose schema contains the msFVE-RecoveryInformation class (Windows Server 2008 or later, or Windows Server 2003 with the BitLocker schema extension) and an account with read permission on those objects and their msFVE-RecoveryPassword attribute, which by default means Domain Admins or a group to which that right has been delegated. Because a recovery password unlocks the whole drive, run the tool under a dedicated delegated account rather than a day-to-day admin login, do not log or cache the values it returns, and consider enabling Directory Service Access auditing so that reads of msFVE-RecoveryInformation objects are recorded.

A link to download RSAT for Windows 7 can be found here.

The Code

The following code looks up a single computer account on your domain by name and reads the BitLocker recovery information stored beneath it. I have added comments to better explain each step of the extraction process. Two points to watch: the computer name typed by the user is placed inside an LDAP filter, so it must be escaped before use, and FindOne returns Nothing when no account matches, so that case must be handled before the result's path is used.

Imports System.Collections.Generic
Imports System.DirectoryServices

Public Class frmMain

    'Escape user input before it is placed inside an LDAP filter (RFC 4515);
    'otherwise a crafted computer name such as "*)" can change the query.
    Private Shared Function EscapeLdapFilter(value As String) As String
        Return value.Replace("\", "\5c").Replace("*", "\2a") _
                    .Replace("(", "\28").Replace(")", "\29") _
                    .Replace(vbNullChar, "\00")
    End Function

    Private Sub btnSearch_Click(sender As Object, e As EventArgs) Handles btnSearch.Click
        'Search for the inputted computer name from the domain root
        '(read RootDSE/defaultNamingContext instead if this must work across domains)
        Dim strLDAP As String = "LDAP://DC=tower,DC=lan"
        Using objDomain As New DirectoryEntry(strLDAP)
            Using objSearch1 As New DirectorySearcher(objDomain)
                objSearch1.Filter = "(&(objectClass=computer)(name=" & EscapeLdapFilter(txtComputer.Text.Trim()) & "))"
                Dim objResult1 As SearchResult = objSearch1.FindOne()

                'FindOne returns Nothing when no computer account matched
                If objResult1 Is Nothing Then
                    MessageBox.Show("No computer named '" & txtComputer.Text & "' was found.")
                    Return
                End If

                'Recovery information objects are direct children of the computer account
                Using objComputer As New DirectoryEntry(objResult1.Path)
                    Using objSearch2 As New DirectorySearcher(objComputer)
                        objSearch2.Filter = "(objectClass=msFVE-RecoveryInformation)"
                        objSearch2.SearchScope = SearchScope.OneLevel
                        objSearch2.PropertiesToLoad.Add("cn")
                        objSearch2.PropertiesToLoad.Add("msFVE-RecoveryPassword")

                        'A computer can hold several objects (one per protected volume and per
                        'key rotation); collect them all, with the CN that carries the backup time
                        'and password GUID, rather than keeping only the last result enumerated
                        Dim keys As New List(Of String)
                        Using colQueryResults As SearchResultCollection = objSearch2.FindAll()
                            For Each objResult2 As SearchResult In colQueryResults
                                If objResult2.Properties.Contains("msFVE-RecoveryPassword") Then
                                    keys.Add(CStr(objResult2.Properties("cn")(0)) & ": " &
                                             CStr(objResult2.Properties("msFVE-RecoveryPassword")(0)))
                                End If
                            Next
                        End Using

                        'Display the recovery passwords, one per line
                        txtKey.Text = If(keys.Count = 0, "No recovery information is stored for this computer.",
                                         String.Join(Environment.NewLine, keys))
                    End Using
                End Using
            End Using
        End Using
    End Sub
End Class
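The same lookup is usually wanted from an administrator's console rather than a WinForms application. The function below is an added example, not code from the original tip; it uses the ActiveDirectory module from RSAT, escapes the computer name before it enters the LDAP filter, refuses ambiguous matches, returns every msFVE-RecoveryInformation object beneath the account with the GUID parsed out of its name, and optionally narrows the list to the recovery key ID displayed on the BitLocker recovery screen. The function name, the parameter names and the computer name in the usage line are my own choices; the account running it must have been delegated read access to the recovery objects.

```powershell
# Added example, not part of the original tip. Requires the RSAT ActiveDirectory module
# and an account delegated read access to msFVE-RecoveryInformation objects.
function Get-AdBitLockerRecoveryPassword {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        # Optional: the recovery key ID shown on the recovery screen (a leading substring is enough)
        [string] $PasswordId
    )
    Import-Module ActiveDirectory -ErrorAction Stop

    # Escape the name per RFC 4515 before it is interpolated into an LDAP filter
    $escaped = $ComputerName -replace '\\', '\5c' -replace '\*', '\2a' `
                             -replace '\(', '\28' -replace '\)', '\29'

    $computer = @(Get-ADComputer -LDAPFilter "(name=$escaped)")
    if ($computer.Count -eq 0) { throw "No computer object named '$ComputerName'" }
    if ($computer.Count -gt 1) { throw "Ambiguous computer name '$ComputerName'" }
    $computer = $computer[0]

    # One msFVE-RecoveryInformation child per protected volume and per key rotation.
    # Its CN is "<backup time>{<recovery password GUID>}", so the name alone identifies
    # which object matches the ID on the recovery screen.
    Get-ADObject -SearchBase $computer.DistinguishedName -SearchScope OneLevel `
                 -LDAPFilter '(objectClass=msFVE-RecoveryInformation)' `
                 -Properties msFVE-RecoveryPassword, whenCreated |
        ForEach-Object {
            $guid = if ($_.Name -match '\{([0-9A-Fa-f-]+)\}$') { $Matches[1] } else { '' }
            [pscustomobject]@{
                Computer         = $computer.Name
                BackedUp         = $_.whenCreated
                PasswordId       = $guid
                RecoveryPassword = $_.'msFVE-RecoveryPassword'
            }
        } |
        Where-Object { -not $PasswordId -or $_.PasswordId -like "$PasswordId*" } |
        Sort-Object BackedUp -Descending
}

# Usage (constructed computer name and key ID):
#   Get-AdBitLockerRecoveryPassword -ComputerName 'WS-0042' -PasswordId '7A2ABBE1'
```

Keep the output on screen only: piping it to a file or a ticketing system turns an audited directory read into an unaudited copy of the drive key.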

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Luke Millanta
Australia

Last Updated 1 Jul 2014
Article Copyright 2014 by Luke Millanta