Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption

161

162

163

164

165

166

167

168

169

170

Manage Policies

154

Removable

Drives Can be

Recovered

Manager, even if this value is Not Selected. This policy

allows for the control of how BitLocker protected removable

data drives are recovered in the absence of the required

credentials.

More...

This policy is the parent policy to:

Allow Data Recovery Agent for Protected Removable Data Drives

Configure User Storage of BitLocker 48-digit

Recovery Password

Configure User Storage of BitLocker 256-bit Recovery Key

Omit Recovery Options from the BitLocker Setup Wizard for

Removable Media

Save BitLocker Recovery Information to AD DS for Removable

Data Drives

BitLocker Recovery Info to Store in AD DS for Removable Data

Drives

Do Not Enable BitLocker Until Recovery Inf

o is Stored in AD DS

for Rem Data Drives

Allow Data

Recovery Agent

for Protected

Rem

ovable Data

Drives

Selected

Not Selected

When Selected, a data recovery agent is allowed for use with

BitLocker protected removable data drives. Before the agent

can be used, it must be added from the Public Key Pol

icies in

either the Group Policy

Management Console or the Local Group

Policy Editor.

To use this policy, Choose How BitLocker-protected Removable

Drives Can be Recovered must be to Selected.

Configure

User

Storage of

BitLocker 48-

digit Recovery

Password

Allow

Require

Do Not Allow

This policy configures if a user is allowed, required, or not

allowed to generate a 48-digit password.

To use this policy, Choose How BitLocker-protected Removable

Drives Can be Recovered must be to Selected.

Configure Use

Storage of

BitLocker 256-

bit Recovery

Key

Allow

Require

Do Not Allow

This policy configures

if a user is allowed, required, or not

allowed to generate a 256-bit recovery key.

To use this policy, Choose How BitLocker-protected Removable

Drives Can be Recovered must be to Selected.

Omit Recovery

Options from

the BitLocker

Setup Wizard

for Removable

Media

Not Selected

Selected

Not Selected

When Selected, users are prevented from specifying recovery

options when BitLocker is enabled. Recovery options for the

drive are determined by policy settings.

To use this policy, Choose How BitLocker-protected Removable

Drives Can be Recovered must be to Selected.

Save BitLocker

Recovery

Information to

AD DS for

Removable Data

Drives

Selected

Not Selected

Selected allows BitLocker recov

ery information to be stored in

AD DS for removable data drives. The appropriate schema

extensions and access control settings on the domain must be

first configured before AD DS backup can succeed.

To use this policy, Choose How BitLocker-protected Removable

Drives Can be Recovered must be to Selected.

Set this policy to Selected to use the policy BitLocker

Recovery Information to Store in AD DS for Removable Data

Drives.

BitLocker

Recovery

Information to

Store in AD DS

Recovery Passwords and Key Packages

Recovery Passwords Only

This policy provides the option of storing recovery passwords

and key packages, or s

toring the recovery password only in AD