This procedure applies only for Windows 10 devices which have been configured as Azure AD Joined.
From time to time, you may need to access advanced recovery options for your Windows 10 device but these options may failed to work because you are using BitLocker to encrypt your drive.
You may already know the procedure to recover BitLocker keys when using your Microsoft Account or when your device is an Active Directory domain joined:
- for Microsoft account go to http://go.microsoft.com/fwlink/p/?LinkId=237614 and sign in with your Microsoft account
- for AD domain joined, you need to contact your IT administrator
But what about Azure AD Joined devices? Well, as for an AD Joined device, your BitLocker recovery key is saved but in Azure AD.
The good point for Azure AD Joined devices is this is a self-service process – meaning you do not need to contact your IT administrator to recover the key; you only need another device on which you can logon to Azure AD.
Recover your BitLocker Recovery Key from Azure AD
- Logon to either
- https://account.activedirectory.windowsazure.com/profile/ and then click on the Devices tile
- or directly to https://account.activedirectory.windowsazure.com/n/#/devices
- Select the device for which you want to get the recovery key
That is a simple as this