BitLocker API

Applies To: Windows Server 2008

An application programming interface (API) is the gateway between the application programs, including the Windows interface, and the underlying components of the operating system. The BitLocker API is implemented in the dynamic link library (DLL) named fveapi.dll. The Windows interface and the BitLocker Windows Management Instrumentation (WMI) provider use the commands in the API. These API commands control the operation of the BitLocker filter driver. The API and the filter driver together provide the functionality of BitLocker Drive Encryption.

Aspects

The following is a list of all aspects that are part of this managed entity:

Name Description

BitLocker Recovery Password Backup

Recovery information for Windows BitLocker Drive Encryption (BitLocker) can be automatically backed up to Active Directory Domain Services (AD DS). Recovery information for BitLocker includes the recovery password for each BitLocker-enabled volume, and the information required to identify which computers and volumes the recovery information applies to.

You can also configure systems to back up a binary package containing the actual keying information in an encrypted form. Recovery information is not backed up by default, but administrators can configure backup by using Group Policy settings. For more information, see "Configuring Active Directory to Back up Windows BitLocker Drive Encryption and Trusted Platform Module Recovery Information" (https://go.microsoft.com/fwlink/?LinkID=67438).

Core Security