Data is among the most important resources of every corporate organization. Since data security is prioritized by every organization nowadays, special attention is needed to protect sensitive information. With this in mind, employee devices such as Laptops are vulnerable to security risks and must be protected. In this article, you will learn how to fix no BitLocker Recovery tab in Active Directory Users and Computers. Please see how to Fix Taskbar Icons Missing on Windows 11, and how to Change BitLocker Password in Windows.
See the following guide on how to enable FileVault disk encryption on a Mac device and how to fix your device cannot use a Trusted Platform Module: Allow BitLocker without a compatible TPM”. You may have configured BitLocker correctly as described in this guide “How to enable Bitlocker via the Local Group Policy Editor and the Group Policy Management Console” and still not able to view the BitLocker Recovery Tab.
As an Administrator managing BitLocker, the BitLocker Recovery TAB is still missing when they try to open the properties of the computer through AD. You are in the right place.
Why are you unable to view this Tab?
This issue is a result of not having the BitLocker Drive Encryption Administration Utilities installed. You will have to install the BitLocker Recovery Password Viewer and BitLocker Drive Encryption Tools.
To proceed, please follow the steps discussed below. You may be interested in some of the articles I have written regarding “Insight on Full Disk Encryption with PBA / without PBA, UEFI, Secure Boot, BIOS, File and Directory Encryption and Container Encryption“.
How to fix the missing BitLocker Recovery Tab in Active Directory Users and Computers
To install BitLocker Drive Encryption Administration Utilities on a Server (Domain Control), please follow the steps below.
- Launch the Server Manager
- Click on Add role and Feature
This will open the Add Roles and Feature Wizard. Click on Next as shown below, this screen is not relevant to us 🙂
Select Role-based or feature-based installation
In the next window, select “Role-based or feature-based installation as we will be installing a feature later on
We only have one server in the server Pool. Therefore it is automatically selected.
Click on Next to continue. If you have multiple servers, ensure the right server is selected.
We do not care about the Server roles as we are not installing a Role. We will skip this screen and on the Features window.
Please see How to Disable BitLocker on Windows 10, how to Backup existing and new BitLocker Recovery Keys to Active Directory, and how to fix “Error: Access denied to the harddrive, and the security tab missing under properties“.
Select BitLocker Drive Encryption Administration Utilities to fix Fix no BitLocker Recovery tab in Active Directory
We will select BitLocker Drive Encryption Administration Utilities under Remote Server Administration and check both BitLocker Drive Encryption Tools and BitLocker Recovery Password Viewer as shown below.
Click on Next and on the confirmation page, you should click on install as shown below.
On the result page, click on Close. You should be able to view the BitLocker Recovery Tab in the ADUC
To Install BitLocker Drive Encryption Administration Utilities on a Client, please follow the steps below.
Note: By default, only Domain Admins have access to BitLocker recovery information. But access can be delegated to others. Without this, you cannot view the BitLocker Recovery Key.
Note: Installation of Remote Server Administration Tools (RSAT) in Windows 10 v1809, v1903 and v1909 are no longer downloadable add-ons to Windows. Instead, it’s included as a set of “Features on Demand” directly in Windows.
Since BitLocker Drive Encryption Administration Utilities are not included, we will have to add them.
- Launch Windows settings,
- Navigate to Apps and Select Apps & Features as shown below. Follow along with the rest steps.
Now, scroll through the list and install BitLocker Drive Encryption Administration Utilities.
That is all. You can now launch ADUC and the Tab that is missing will be available.
See how to install BitLocker utilities via PowerShell. Once installed, opening the properties of the computer object and clicking on the BitLocker Recovery tab will display all associated recovery keys.
Install-WindowsFeature BitLocker –IncludeAllSubFeature -IncludeManagementToolsFAQ on BitLocker Recovery
BitLocker recovery is a feature used to regain access to your PC. It is needed when a user is locked out of their encrypted PC.
You can retrieve a BitLocker recovery key through various methods. One of which is through the Microsoft account if linked. Or from a recovery key file, or by asking your organization’s IT support if they manage BitLocker via MBAM or backup to AD.
I hope you found this blog post helpful on how to fix no BitLocker Recovery tab in Active Directory Users and Computers. If you have any questions, please let me know in the comment session.
