Write-MbamRecoveryInformation

Letzte Aktualisierung: August 2015

Betrifft: Microsoft BitLocker Administration and Monitoring 2.5, Microsoft BitLocker Administration and Monitoring 2.5 SP1

Write-MbamRecoveryInformation

Writes the recovery information of a BitLocker encrypted volume to the Microsoft BitLocker Administration and Monitoring (MBAM) server.

Syntax

Parameter Set: Default
Write-MbamRecoveryInformation -Computer <String> -RecoveryPassword <SecureString> -RecoveryPasswordID <Guid> -RecoveryServiceEndPoint <Uri> -VolumeID <Guid> [-ComputerUser <String[]> ] [-Force] [-RecoveryPackage <Byte[]> ] [-RetryCount <Int32> ] [-RetryIntervalSeconds <Int32> ] [-Time <DateTime> ] [ <CommonParameters>]




Detaillierte Beschreibung

The Write-MbamRecoveryInformation cmdlet writes the recovery information of a BitLocker encrypted volume to the Microsoft BitLocker Administration and Monitoring (MBAM) server. The RecoveryServiceEndPoint parameter is required and identifies the MBAM server instance to which the recovery information will be written. The Computer parameter is required and identifies the name and domain of the computer associated with the recovery information. The VolumeID parameter is required and uniquely identifies the BitLocker encrypted volume associated with the recovery information. The RecoveryPassword parameter is required and is the 48-digit value used for securing the recovery key package of the BitLocker encrypted volume. The RecoveryPasswordID parameter is required and uniquely identifies the correct recovery password. The timestamp of the recovery information is required and is supplied through the Time parameter.

Parameter

-Computer<String>

Specifies the domain name and computer name of the domain-joined computer in <domain name>\<machine name> format (for instance "contoso.com\User1-pc").


Aliasse

none

Erforderlich?

true

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

-ComputerUser<String[]>

Specifies a string array of fully qualified domain user accounts that have permission to access this volume recovery information in user principal name (UPN) (<login name>@<domain name> format (for instance: @("User1@contoso.com", "User2@contoso.com"))


Aliasse

user

Erforderlich?

false

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

-Force

Erzwingt, dass der Befehl ohne Benutzerbestätigung ausgeführt wird.


Aliasse

none

Erforderlich?

false

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

false

Platzhalterzeichen akzeptieren?

false

-RecoveryPackage<Byte[]>

Specifies a byte array representing the BitLocker encryption key secured by the corresponding recovery password. The package is associated with the volume identified by the VolumeID. The recovery package corresponds to the ms-FVE-KeyPackage value in Active Directory (AD).


Aliasse

rkp,package

Erforderlich?

false

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

-RecoveryPassword<SecureString>

Specifies the 48-digit recovery password used for securing the recovery key package and unlocking BitLocker-protected drive in recovery mode. The recovery password corresponds to the ms-FVE-RecoveryPassword value in AD, and has the standard 8 tuples of 6 digits format dddddd-dd ... dd-dddddd.


Aliasse

rp,password

Erforderlich?

true

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

-RecoveryPasswordID<Guid>

Specifies the unique identifier associated with a BitLocker recovery password, used for identifying the correct recovery password. The identifier is in GUID format (for instance: {xxxxxxxx-xxxx ... xxxx}) and corresponds to the ms-FVE-RecoveryGuid, and has the standard GUID format.


Aliasse

rpid,passwordid

Erforderlich?

true

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

-RecoveryServiceEndPoint<Uri>

Specifies the path to the MBAM Recovery Service endpoint on the network. The URL for MBAM Recovery service endpoint is http(s)://<servername>:<port>/MBAMRecoveryAndHardwareService/CoreService.svc. (for instance: https://mbamserver.contoso.com:8080/ MBAMRecoveryAndHardwareService/CoreService.svc)


Aliasse

svc,service

Erforderlich?

true

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

false

Platzhalterzeichen akzeptieren?

false

-RetryCount<Int32>

Specifies the maximum number of times to retry to send Recovery Information. The cmdlet proceeds to the next record after the retry limit is exceeded.


Aliasse

rc

Erforderlich?

false

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

false

Platzhalterzeichen akzeptieren?

false

-RetryIntervalSeconds<Int32>

Specifies the amount of time in seconds to wait before the cmdlet retries to send the recovery information.


Aliasse

ri

Erforderlich?

false

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

false

Platzhalterzeichen akzeptieren?

false

-Time<DateTime>

Specifies the timestamp associated with the recovery information.


Aliasse

none

Erforderlich?

false

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

-VolumeID<Guid>

Specifies the unique drive identifier of the BitLocker protected drive associated with the recovery information. The identifier is in GUID format (for instance: {xxxxxxxx-xxxx ... xxxx}) and corresponds to the msFVE-VolumeGuid value in AD.


Aliasse

vid

Erforderlich?

true

Position?

named

Standardwert

none

Pipelineeingaben akzeptieren?

true(ByPropertyName)

Platzhalterzeichen akzeptieren?

false

<CommonParameters>

Dieses Cmdlet unterstützt die allgemeinen Parameter: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, -OutVariable. Weitere Informationen finden Sie unter about_CommonParameters (http://go.microsoft.com/fwlink/p/?LinkID=113216).

Eingaben

Der Eingabetyp ist der Typ der Objekte, die über die Pipeline an das Cmdlet übergeben werden können.

Ausgaben

Der Ausgabetyp ist der Typ der Objekte, die vom Cmdlet ausgegeben werden.

Beispiele

Example 1: Write user recovery information on a specified computer to the MBAM server

This command writes the recovery information for the user named User1@Contoso.com on the computer named Computer.Contoso.com to the MBAM server listening at the recovery service end point address http://mbamserver.contoso.com:8080.


PS C:\> Write-MbamRecoveryInformation -Computer Computer.Contoso.com -ComputerUser @("User1@Contoso.com") -Time 1/20/2015 -RecoveryPassword 311111-363319-126170-621720-547228-519706-367873-363880 -RecoveryPasswordID Af3d4a74-f650-4370-AAA2-cbfc7fe2abb8 -VolumeId Bf3d4a74-f650-4370-BBB2-cbfc7fe2abb8 -RecoveryPackage @(49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49) -RecoveryServiceEndPoint http://mbamserver.contoso.com:8080 -Force                        

Example 2: Write user recovery information on a specified computer to the MBAM server with verbose output

This command writes the recovery information specified by the cmdlet input parameters to the MBAM server listening at the recovery service end point address http://mbamserver.contoso.com:8080.

This command also displays a confirmation message.


PS C:\> Write-MbamRecoveryInformation -Computer Machine.Contoso.com -ComputerUser @("User1@Contoso.com") -Time 1/20/2015 -RecoveryPassword 311111-363319-126170-621720-547228-519706-367873-363880 -RecoveryPasswordID Af3d4a74-f650-4370-AAA2-cbfc7fe2abb8  -VolumeId Bf3d4a74-f650-4370-BBB2-cbfc7fe2abb8 -RecoveryPackage @(49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49) -RecoveryServiceEndPoint http://mbamserver.contoso.com:8080 -Force -Verbose

Example 3: Write user recovery information on a specified computer to the MBAM server with verbose output and attempt recovery if the cmdlet fails

This command writes the recovery information specified by the cmdlet input parameters to the MBAM server listening at the recovery service end point address http://mbamserver.contoso.com:8080.

This command also displays a confirmation message.

If the write attempt is unsuccessful, the cmdlet retries two more times after an interval of five seconds.


PS C:\> Write-MbamRecoveryInformation -Computer Machine.Contoso.com -ComputerUser @("user@Contoso.com") -Time 1/20/2015 -RetryCount 2 -RetryIntervalSeconds 5 -RecoveryPassword 311111-363319-126170-621720-547228-519706-367873-363880  -RecoveryPasswordID Af3d4a74-f650-4370-AAA2-cbfc7fe2abb8 -VolumeId Bf3d4a74-f650-4370-BBB2-cbfc7fe2abb8 -RecoveryPackage @(49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49) -RecoveryServiceEndPoint http://mbamserver.contoso.com:8080 -Force -Verbose

Verwandte Themen

Community-Beiträge

HINZUFÜGEN
Anzeigen: