Vista Forums - View Single Post - Windows Vista Bitlocker Active Directory Schema

01-12-2007

Hi again,

The guide and included LDIF file and scripts are finally available:
http://www.microsoft.com/downloads/d...displaylang=en

A bit more information on http://msmvps.com/blogs/mika/archive...formation.aspx.
I've tested all of the tools with Lenovo Thinkpad T60 and found them working

HTH
Mika

> Hi
>
> Yes I also found that it did not work with these schema extensions. So
> it is as I feared - patience is required while we wait on Microsoft to
> provide the necessary information and tools....Thanks.
>
> /Ragnar
>
> "Mika Seitsonen" <mika.seitsonen_at_iki.fi> wrote in message
> news:779f3f61875e8c8eb8c8909035f@msnews.microsoft.com...
>
>> Hi Ragnar,
>>
>> You should not use ADprep on Vista DVD as the results are not what
>> you look for. Microsoft will make information on storing Bitlocker
>> Recovery keys in AD available soon - I'd guess when its ready

>> ADprep command and accompanying ldf files on Vista DVD are there for
>> informational purpose only and as such they should not be used in
>> production AD (2000/2003/R2).
>>
>> HTH
>> Mika
>>> Thanks for your reply.
>>>
>>> However I have already tried these schema extensions in a test
>>> environment - they did not help me enable Bitlocker recovery to AD.
>>> The "VistaSecurity_TWP.doc" document refers to something called
>>> "BitLocker Active Directory Deployment Pack". Do you (or anyone
>>> else) know where I may get a hold of this, seems that this will
>>> contain additional details as well as the "AddWriteACEs.vbs" script
>>> needed to configure some permissions.
>>>
>>> Regards,
>>> Ragnar
>>> "Jorge de Almeida Pinto [MVP - DS]"
>>> <SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote in
>>> message news:eQL54$FHHHA.420@TK2MSFTNGP06.phx.gbl...
>>>> Tomek provides information about this:
>>>> http://blogs.dirteam.com/blogs/tomek...04/Schema-exte
>>>> ns
>>>> ions-for-Vista-new-features.aspx
>>>> --
>>>> Cheers,
>>>> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>>>> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>>>> BLOG (WEB-BASED)-->
>>>> http://blogs.dirteam.com/blogs/jorge/default.aspx
>>>> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
>>>> -------------------------------------------------------------------
>>>> --
>>>> ---------------------
>>>> * This posting is provided "AS IS" with no warranties and confers
>>>> no
>>>> rights!
>>>> * Always test before implementing!
>>>> -------------------------------------------------------------------
>>>> --
>>>> ---------------------
>>>> #################################################
>>>> #################################################
>>>> -------------------------------------------------------------------
>>>> --
>>>> ---------------------
>>>> "Ragnar" <Ragnar@noemail.noemail> wrote in message
>>>> news:ea2k0Q%23GHHA.1216@TK2MSFTNGP05.phx.gbl...
>>>>> Hi
>>>>>
>>>>> Where can I find the Active Directory Schema script/procedure
>>>>> required to enable Bitlocker recovery to Active Directory? Isn't
>>>>> it available for download yet?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> Regards,
>>>>> Ragnar

01-12-2007	#6 (permalink)
Mika Seitsonen n/a posts	Re: Windows Vista Bitlocker Active Directory Schema Hi again, The guide and included LDIF file and scripts are finally available: http://www.microsoft.com/downloads/d...displaylang=en A bit more information on http://msmvps.com/blogs/mika/archive...formation.aspx. I've tested all of the tools with Lenovo Thinkpad T60 and found them working HTH Mika > Hi > > Yes I also found that it did not work with these schema extensions. So > it is as I feared - patience is required while we wait on Microsoft to > provide the necessary information and tools....Thanks. > > /Ragnar > > "Mika Seitsonen" <mika.seitsonen_at_iki.fi> wrote in message > news:779f3f61875e8c8eb8c8909035f@msnews.microsoft.com... > >> Hi Ragnar, >> >> You should not use ADprep on Vista DVD as the results are not what >> you look for. Microsoft will make information on storing Bitlocker >> Recovery keys in AD available soon - I'd guess when its ready >> ADprep command and accompanying ldf files on Vista DVD are there for >> informational purpose only and as such they should not be used in >> production AD (2000/2003/R2). >> >> HTH >> Mika >>> Thanks for your reply. >>> >>> However I have already tried these schema extensions in a test >>> environment - they did not help me enable Bitlocker recovery to AD. >>> The "VistaSecurity_TWP.doc" document refers to something called >>> "BitLocker Active Directory Deployment Pack". Do you (or anyone >>> else) know where I may get a hold of this, seems that this will >>> contain additional details as well as the "AddWriteACEs.vbs" script >>> needed to configure some permissions. >>> >>> Regards, >>> Ragnar >>> "Jorge de Almeida Pinto [MVP - DS]" >>> <SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote in >>> message news:eQL54$FHHHA.420@TK2MSFTNGP06.phx.gbl... >>>> Tomek provides information about this: >>>> http://blogs.dirteam.com/blogs/tomek...04/Schema-exte >>>> ns >>>> ions-for-Vista-new-features.aspx >>>> -- >>>> Cheers, >>>> (HOPEFULLY THIS INFORMATION HELPS YOU!) >>>> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services >>>> BLOG (WEB-BASED)--> >>>> http://blogs.dirteam.com/blogs/jorge/default.aspx >>>> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx >>>> ------------------------------------------------------------------- >>>> -- >>>> --------------------- >>>> * This posting is provided "AS IS" with no warranties and confers >>>> no >>>> rights! >>>> * Always test before implementing! >>>> ------------------------------------------------------------------- >>>> -- >>>> --------------------- >>>> ################################################# >>>> ################################################# >>>> ------------------------------------------------------------------- >>>> -- >>>> --------------------- >>>> "Ragnar" <Ragnar@noemail.noemail> wrote in message >>>> news:ea2k0Q%23GHHA.1216@TK2MSFTNGP05.phx.gbl... >>>>> Hi >>>>> >>>>> Where can I find the Active Directory Schema script/procedure >>>>> required to enable Bitlocker recovery to Active Directory? Isn't >>>>> it available for download yet? >>>>> >>>>> Thanks. >>>>> >>>>> Regards, >>>>> Ragnar
My System Specs