When you encrypt drives with BitLocker it can be a nightmare to manually keep track of recovery keys, it therefore makes sense to use the built-in integration with Active Directory Domain Services (AD DS). Cyril Kardashevsky of The IT Bros has an excellent comprehensive how-to guide to configuring your AD and GPO. It doesn’t detail how to enforce BitLocker drive encryption but if you encrypt as part of your workstation setup then the keys will automatically be stored in AD for you once the GPO is in place.
Clean Windows install – recover original product key
A clean re-installation of Windows 11 failed to detect the original (OEM) digital licence on the machine. The...