[Samba] Bitlocker
Rowland penny
rpenny at samba.org
Wed Jul 17 11:03:05 UTC 2019
On 17/07/2019 10:23, Christian Naumer via samba wrote:
> Am 17.07.19 um 11:10 schrieb Rowland penny via samba:
>
>> I thought Samba always used schema version 47, so you should have the
>> objectclass & attributes in AD, this is the ldif for the objectclass:
>>
>> cn: ms-FVE-RecoveryInformation
>> ldapDisplayName: msFVE-RecoveryInformation
>> governsId: 1.2.840.113556.1.5.253
>> objectClassCategory: 1
>> rdnAttId: cn
>> subClassOf: top
>> systemMustContain: msFVE-RecoveryPassword, msFVE-RecoveryGuid
>> mayContain: msFVE-KeyPackage, msFVE-VolumeGuid
>> systemPossSuperiors: computer
>> schemaIdGuid:ea715d30-8f53-40d0-bd1e-6109186d782c
>> defaultSecurityDescriptor:
>> D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)
>> defaultHidingValue: TRUE
>> systemOnly: FALSE
>> defaultObjectCategory:
>> CN=ms-FVE-RecoveryInformation,CN=Schema,CN=Configuration,<RootDomainDN>
>> systemFlags: FLAG_SCHEMA_BASE_OBJECT
>
> This looks the same on my system. However,
> Computer does not contain ms-FVE-RecoveryInformation under maycontain.
> Does it on your system?
>
> Thanks for looking into this.
>
> Regards
>
I have never used this, but from a google search, I don't think the info
goes into a computers object, try reading this:
https://ndswanson.wordpress.com/2014/10/20/get-bitlocker-recovery-from-active-directory-with-powershell/
Rowland
More information about the samba
mailing list