Manage Bitlocker with PowerShell

When attempting to enable Bitlocker on computers remotely, using an RMM tool, here are some PS commands that will assist in this process.

View the current status of Bitlocker on a machine.
manage-bde c: -status

Add a key protector so the machine can be encrypted. This is useful on some OEM machines that come with Bitlocker enabled, but no key can be retrieved from the machine.
manage-bde c: -protectors -add -rp

Backup the Bitlocker keys to Active Directory
manage-bde -protectors -adbackup c: -id “{3500023E-381E-449B-878B-0CD1067DCD79}”

Notice, the ID will be the unique ID shown from the manage-bde c: -protectors -add -rp command. You will need to add parenthesis before and after the brackets.

*Posts on this site may contain affiliated links*

Leave a Reply