Systems Management Question

Bitlocker Recovery Key in AD - Purge old keys?

01/22/2013 13072 views

Is it possible to delete old recovery keys that are stored in the AD Computer objects? Is there a limit to the amount of keys that can be stored in such an object? 



All Answers


Storing the BitLocker key in AD changes the computer account from a leaf object to a container object. The BitLocker key is stored as a child object to the related computer parent.

I'm not aware of any limits. To delete, you would address it as a child of the parent object. By default, deleting computers with child objects is disabled and needs to be enabled, so I'm sure it is the same with the children.

Answered 01/26/2013 by: jdornan
Red Belt

  • Computer objects are already container objects (by default)
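
The answer above describes the recovery keys as child objects of the computer object. As an added example (not part of the original thread), the following PowerShell lists those children, which have the class `msFVE-RecoveryInformation`, keeps the newest entry per volume and dry-runs the deletion of the rest. It assumes the ActiveDirectory module (RSAT) is installed and that the account may read and delete these objects; `PC-EXAMPLE01` and the function name are placeholders.

```powershell
# Added example: find older BitLocker recovery objects under one computer account.
# Assumes the ActiveDirectory module (RSAT). 'PC-EXAMPLE01' is a placeholder name.
Import-Module ActiveDirectory

function Get-StaleBitLockerRecoveryObject {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [int]$KeepNewest = 1   # entries to keep per volume
    )
    $computer = Get-ADComputer -Identity $ComputerName

    # Recovery passwords are direct children of the computer object.
    $keys = Get-ADObject -SearchBase $computer.DistinguishedName -SearchScope OneLevel `
        -Filter 'objectClass -eq "msFVE-RecoveryInformation"' `
        -Properties whenCreated, 'msFVE-VolumeGuid'

    # A machine can have several encrypted volumes (OS and data drives),
    # each with its own recovery password, so group by volume first.
    $keys |
        Group-Object { [BitConverter]::ToString($_.'msFVE-VolumeGuid') } |
        ForEach-Object {
            $_.Group |
                Sort-Object whenCreated -Descending |
                Select-Object -Skip $KeepNewest
        }
}

$stale = Get-StaleBitLockerRecoveryObject -ComputerName 'PC-EXAMPLE01'
$stale | Select-Object Name, whenCreated | Format-Table -AutoSize

# Dry run: prints what would be deleted. Drop -WhatIf only after checking that
# the key kept in AD matches the protector currently on the volume
# (compare the password ID with: manage-bde -protectors -get C:).
$stale | Remove-ADObject -WhatIf
```

The newest object in AD is not guaranteed to be the protector currently in use on the disk, so verify the password ID on the client before removing anything.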