Windows 10 bitlocker in a domain
-
I haven't used Bitlocker before. Has anyone rolled it out on Windows 10? For those that have deployed it in a domain environment, is it pretty straight forward? Does it work like it should or is there the 1 in 10 laptop that won't run the .vbs script to turn it on?
-
Super straight forward. We are running it in our test environment right now and have no issues. You shouldn't have to run a vbs file on any laptops only on the domain controller.
-
If you are following a guide to install it, toss a post up with it.
and document your process here if you can.
-
I'll post my directions that I created for our documentation tomorrow. Once the computer connects to AD the user has to configure bitlocker and the drive won't encrypt until the keys are backed up. It works really smoothly.
-
@coliver said:
I'll post my directions that I created for our documentation tomorrow. Once the computer connects to AD the user has to configure bitlocker and the drive won't encrypt until the keys are backed up. It works really smoothly.
Does it require TPM? Is there a boot time password?
-
@Dashrender said:
@coliver said:
I'll post my directions that I created for our documentation tomorrow. Once the computer connects to AD the user has to configure bitlocker and the drive won't encrypt until the keys are backed up. It works really smoothly.
Does it require TPM? Is there a boot time password?
TPM is not always required. For us it is. There is a boot time password configured by the user.
-
@coliver said:
@Dashrender said:
@coliver said:
I'll post my directions that I created for our documentation tomorrow. Once the computer connects to AD the user has to configure bitlocker and the drive won't encrypt until the keys are backed up. It works really smoothly.
Does it require TPM? Is there a boot time password?
TPM is not always required. For us it is. There is a boot time password configured by the user.
So it's not their domain password?
-
@Dashrender said:
@coliver said:
@Dashrender said:
@coliver said:
I'll post my directions that I created for our documentation tomorrow. Once the computer connects to AD the user has to configure bitlocker and the drive won't encrypt until the keys are backed up. It works really smoothly.
Does it require TPM? Is there a boot time password?
TPM is not always required. For us it is. There is a boot time password configured by the user.
So it's not their domain password?
Nope... well at least not for the system drive. I haven't checked about a secondary drive.