Identity and Account Management Key Recovery procedure

Procedure for accessing BitLocker Drive Recovery Keys

Instructions for Identity and Account Management staff.


2. Log in with [netid].adm account

3. Click the Drive Recovery option in the left column

4. If the request comes from a current user of the device*:

a. enter “campus” in the User Domain field

b. Enter the requestor’s netid in the User ID field

(This documents on whose behalf you are retrieving a key; it will be displayed in reports)

Otherwise, leave these blank.

5. Enter the first eight characters of the Key ID

(BitLocker will show the Key ID to the user if a recovery key is required.)

6. Select a reason, and

7. Click Submit

Account Services Key Recovery procedure


The MBAM client on the workstation will re-key the disk after a recovery key has been accessed.

* MBAM records the valid (domain) users of a device, so that these users can perform self-service recovery. By entering a user ID in the search, we only look for keys on devices for which that user ID is a recorded user. This won’t work for a distributed IT staffer who hasn’t logged into the device.

Comments are closed.