Self-Service BitLocker Key

We all know that the Service Desk or Helpdesk team often gets calls for the BitLocker recovery key, and it’s excruciating to read out a 45-digit key.
But Microsoft introduced a feature last month that lets end users retrieve their own recovery keys. Isn’t it cool!!
This saves the time spent raising a ticket or calling IT to get the key, and users can focus on their productivity instead of waiting for someone from IT to come and help.

There are some prerequisites for this:

  • All endpoint devices should be enrolled in Intune. (BYOD not included)
  • Only active users can check their BitLocker recovery key.

How to activate this?

It is a straightforward process:

  • Log in to Microsoft Entra ID.
  • Go to “Identity” and click on “Devices”.
  • Now click on “Device Settings”.
  • Under “Other Settings”, select “No”. (“Yes” means non-admin users are not allowed to see the BitLocker recovery key.)


Now let’s see where you can find the BitLocker recovery key:

  • Go to the Intune Company Portal website and click on Devices.
  • Search for your device and check the BitLocker recovery key. Piece of cake, right?


Security Audits

  • For audit logs, go to Microsoft Entra ID.
  • Click on Identity and go to Monitoring & health. Here you can find the Sign-in logs with all the details.
  • You can use a conditional access policy to harden your network for more security.
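
To act on those logs, the sketch below (an added example, not part of the original post) scans exported Entra audit records for BitLocker key reads and flags any account that read keys for more than two devices within an hour. The records are constructed; the activity name “Read BitLocker key” and the use of the first target resource’s displayName as the device name are assumptions to confirm against your own export.

```python
from collections import defaultdict
from datetime import datetime, timedelta

ACTIVITY = "Read BitLocker key"  # assumed audit activity name; confirm in your tenant

def _rec(ts, upn, device, activity=ACTIVITY, result="success"):
    """Build a constructed record using Microsoft Graph directoryAudit field names."""
    return {"activityDateTime": ts, "activityDisplayName": activity, "result": result,
            "initiatedBy": {"user": {"userPrincipalName": upn}},
            "targetResources": [{"displayName": device}]}

# Constructed sample data (not real tenant logs).
SAMPLE = [
    _rec("2024-05-01T09:00:00Z", "alice@example.com", "LAPTOP-A"),
    _rec("2024-05-01T10:00:00Z", "bob@example.com", "LAPTOP-B"),
    _rec("2024-05-01T10:10:00Z", "Bob@example.com", "LAPTOP-C"),
    _rec("2024-05-01T10:20:00Z", "bob@example.com", "LAPTOP-D"),
    _rec("2024-05-01T11:00:00Z", "carol@example.com", "LAPTOP-E", result="failure"),
    _rec("2024-05-01T11:05:00Z", "carol@example.com", "LAPTOP-E", activity="Update device"),
]

def key_reads(records):
    """Yield (time, upn, device) for each successful BitLocker key read."""
    for r in records:
        if r.get("activityDisplayName") != ACTIVITY or r.get("result") != "success":
            continue
        user = (r.get("initiatedBy") or {}).get("user") or {}
        upn = (user.get("userPrincipalName") or "unknown").lower()
        # Assumption: the device name is the first target resource's displayName.
        device = (r.get("targetResources") or [{}])[0].get("displayName") or "unknown"
        when = datetime.fromisoformat(r["activityDateTime"].replace("Z", "+00:00"))
        yield when, upn, device

def flag_bulk_readers(records, max_devices=2, window=timedelta(hours=1)):
    """Return {upn: devices} for accounts reading keys of > max_devices devices in a window."""
    by_user = defaultdict(list)
    for when, upn, device in key_reads(records):
        by_user[upn].append((when, device))
    flagged = {}
    for upn, events in by_user.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            devices = {d for t, d in events[i:] if t - start <= window}
            if len(devices) > max_devices:
                flagged[upn] = sorted(devices)
                break
    return flagged

if __name__ == "__main__":
    print(flag_bulk_readers(SAMPLE))
```

With self-service enabled, a user reading the key for one of their own devices is expected; tune max_devices and window to what is normal in your environment.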

Thanks for reading!!

Check out more about Intune. I also have a specific section for Windows troubleshooting that I hope you will like to explore.
