Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise

151

152

153

154

155

156

157

158

159

160

Manage Policies

Allow Data Recovery Agent for Protected Fixed Data Drives

Config User Storage of BitLocker 48-digit Recovery Password

Config User Storage of BitLocker 256-bit Recovery Key

Omit Recovery Options from the BitLocker Setup Wizard

Save BitLocker Recovery Info to AD DS for Fixed Data Drives

BitLocker Recovery Info to Store in AD DS

Do Not Enable BitLocker Until Reco

very Info is Stored in AD DS

for Fixed Data Drives

Allow Data

Recovery Agent

for Protected

Fixed Data

Drives

Selected

Not Selected

When Selected, a data recovery agent is allowed for use with

BitLocker protected fixed data drives. Before the agen

t can be

used, it must be added from the Public Key Policies in either

the Group Policy Management Console or the Local Group Policy

Editor.

When setting this policy to Selected, the Choose How

BitLocker-

protected Fixed Drives Can be Recovered policy must

also be set to Selected.

Configure User

Storage of

BitLocker 48-

digit Recovery

Password

Allow

Require

Do Not Allow

This policy determines if a user is allowed, required, or not

allowed to generate a 48-digit password.

When setting this policy to Allow or Require, the Choose How

BitLocker-

protected Fixed Drives Can be Recovered policy must

also be set to Selected.

Configure User

Storage of

BitLocker 256-

bit Recovery

Key

Allow

Require

Do Not Allow

This policy determines if a user is allowed, req

uired, or not

allowed to generate a 256-bit recovery key.

When setting this policy to Allow or Require, the Choose How

BitLocker-

protected Fixed Drives Can be Recovered policy must

also be set to Selected.

Omit Recovery

Options from

the BitLocker

Setup Wizard

Not Selected

Selected

Not Selected

When Selected, users are prevented from specifying recovery

options when BitLocker is enabled. Recovery options for the

drive are determined by policy settings.

When setting this policy to Not Selected, the Choose How

BitLocker-

protected Fixed Drives Can be Recovered policy must

also be set to Selected.

Save BitLocker

Recovery

Information to

AD DS for

Fixed Data

Drives

Selected

Not Selected

Selected allows BitLocker recovery information to be stored in

AD DS

for fixed data drives. BitLocker recovery information is

always saved to the Dell Serve. Enabling this policy

additionally saves the information to AD.

More...

The appropriate schema extensions and access control settings

on the domain must be first confi

gured before AD DS backup can

succeed.

When setting this policy to Selected, the Choose How

BitLocker-

protected Fixed Drives Can be Recovered policy must

also be set to Selected.

Set this policy to Selected to use the policy BitLocker

Recovery Information to Store in AD DS.

BitLocker

Recovery

Information to

Store in AD DS

Recovery Passwords and Key Packages

Recovery Passwords Only

This policy provides the option of storing recovery passwords

and key packages, or storing

the recovery password only in AD

DS. The appropriate schema extensions and access control

144