It has been a while since I have posted anything, mainly due to changing jobs and the time spent with my ever growing family. This is not to say that I have not been keeping up with scripting development...far from it! I had an interesting one today where a request came in for the following : “I need the bitlocker recovery password for a deleted computer object” As my current environment does not support the AD cmdlets, I looked to the quest tool set and was pleasantly surprised. Here is what I came up with, commented in line... #for easy editing, define the computername that has been deleted $compname = "ABC12345" #search AD including Deleted objects (-tombstone) for recovery information objects and filter where the last known parent contains the computer name. Then just return the password $recoverykey = Get-QADObject -Tombstone -Type "msFVE-RecoveryInformation" -SizeLimit 0 -Includedproperties msFVE-RecoveryPassword -SearchRoot "CN=Deleted Objects
Powershell for Active Directory