Write-MbamRecoveryInformation

Mis à jour: août 2015

S'applique à: Microsoft BitLocker Administration and Monitoring 2.5, Microsoft BitLocker Administration and Monitoring 2.5 SP1

Write-MbamRecoveryInformation

Writes the recovery information of a BitLocker encrypted volume to the Microsoft BitLocker Administration and Monitoring (MBAM) server.

Syntaxe

Parameter Set: Default
Write-MbamRecoveryInformation -Computer <String> -RecoveryPassword <SecureString> -RecoveryPasswordID <Guid> -RecoveryServiceEndPoint <Uri> -VolumeID <Guid> [-ComputerUser <String[]> ] [-Force] [-RecoveryPackage <Byte[]> ] [-RetryCount <Int32> ] [-RetryIntervalSeconds <Int32> ] [-Time <DateTime> ] [ <CommonParameters>]




Description détaillée

The Write-MbamRecoveryInformation cmdlet writes the recovery information of a BitLocker encrypted volume to the Microsoft BitLocker Administration and Monitoring (MBAM) server. The RecoveryServiceEndPoint parameter is required and identifies the MBAM server instance to which the recovery information will be written. The Computer parameter is required and identifies the name and domain of the computer associated with the recovery information. The VolumeID parameter is required and uniquely identifies the BitLocker encrypted volume associated with the recovery information. The RecoveryPassword parameter is required and is the 48-digit value used for securing the recovery key package of the BitLocker encrypted volume. The RecoveryPasswordID parameter is required and uniquely identifies the correct recovery password. The timestamp of the recovery information is required and is supplied through the Time parameter.

Paramètres

-Computer<String>

Specifies the domain name and computer name of the domain-joined computer in <domain name>\<machine name> format (for instance "contoso.com\User1-pc").


Alias

none

Obligatoire ?

true

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

-ComputerUser<String[]>

Specifies a string array of fully qualified domain user accounts that have permission to access this volume recovery information in user principal name (UPN) (<login name>@<domain name> format (for instance: @("User1@contoso.com", "User2@contoso.com"))


Alias

user

Obligatoire ?

false

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

-Force

Force la commande à s’exécuter sans demander confirmation à l’utilisateur.


Alias

none

Obligatoire ?

false

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

false

Accepter les caractères génériques ?

false

-RecoveryPackage<Byte[]>

Specifies a byte array representing the BitLocker encryption key secured by the corresponding recovery password. The package is associated with the volume identified by the VolumeID. The recovery package corresponds to the ms-FVE-KeyPackage value in Active Directory (AD).


Alias

rkp,package

Obligatoire ?

false

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

-RecoveryPassword<SecureString>

Specifies the 48-digit recovery password used for securing the recovery key package and unlocking BitLocker-protected drive in recovery mode. The recovery password corresponds to the ms-FVE-RecoveryPassword value in AD, and has the standard 8 tuples of 6 digits format dddddd-dd ... dd-dddddd.


Alias

rp,password

Obligatoire ?

true

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

-RecoveryPasswordID<Guid>

Specifies the unique identifier associated with a BitLocker recovery password, used for identifying the correct recovery password. The identifier is in GUID format (for instance: {xxxxxxxx-xxxx ... xxxx}) and corresponds to the ms-FVE-RecoveryGuid, and has the standard GUID format.


Alias

rpid,passwordid

Obligatoire ?

true

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

-RecoveryServiceEndPoint<Uri>

Specifies the path to the MBAM Recovery Service endpoint on the network. The URL for MBAM Recovery service endpoint is http(s)://<servername>:<port>/MBAMRecoveryAndHardwareService/CoreService.svc. (for instance: https://mbamserver.contoso.com:8080/ MBAMRecoveryAndHardwareService/CoreService.svc)


Alias

svc,service

Obligatoire ?

true

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

false

Accepter les caractères génériques ?

false

-RetryCount<Int32>

Specifies the maximum number of times to retry to send Recovery Information. The cmdlet proceeds to the next record after the retry limit is exceeded.


Alias

rc

Obligatoire ?

false

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

false

Accepter les caractères génériques ?

false

-RetryIntervalSeconds<Int32>

Specifies the amount of time in seconds to wait before the cmdlet retries to send the recovery information.


Alias

ri

Obligatoire ?

false

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

false

Accepter les caractères génériques ?

false

-Time<DateTime>

Specifies the timestamp associated with the recovery information.


Alias

none

Obligatoire ?

false

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

-VolumeID<Guid>

Specifies the unique drive identifier of the BitLocker protected drive associated with the recovery information. The identifier is in GUID format (for instance: {xxxxxxxx-xxxx ... xxxx}) and corresponds to the msFVE-VolumeGuid value in AD.


Alias

vid

Obligatoire ?

true

Position ?

named

Valeur par défaut

none

Accepter l’entrée de pipeline ?

true(ByPropertyName)

Accepter les caractères génériques ?

false

<CommonParameters>

Cette applet de commande prend en charge les paramètres courants : -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer et -OutVariable. Pour plus d’informations, consultez about_CommonParameters (http://go.microsoft.com/fwlink/p/?LinkID=113216).

Entrées

Le type d’entrée correspond au type des objets que vous pouvez transmettre à l’applet de commande.

Sorties

Le type de sortie est le type des objets émis par l’applet de commande.

Exemples

Example 1: Write user recovery information on a specified computer to the MBAM server

This command writes the recovery information for the user named User1@Contoso.com on the computer named Computer.Contoso.com to the MBAM server listening at the recovery service end point address http://mbamserver.contoso.com:8080.


PS C:\> Write-MbamRecoveryInformation -Computer Computer.Contoso.com -ComputerUser @("User1@Contoso.com") -Time 1/20/2015 -RecoveryPassword 311111-363319-126170-621720-547228-519706-367873-363880 -RecoveryPasswordID Af3d4a74-f650-4370-AAA2-cbfc7fe2abb8 -VolumeId Bf3d4a74-f650-4370-BBB2-cbfc7fe2abb8 -RecoveryPackage @(49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49) -RecoveryServiceEndPoint http://mbamserver.contoso.com:8080 -Force                        

Example 2: Write user recovery information on a specified computer to the MBAM server with verbose output

This command writes the recovery information specified by the cmdlet input parameters to the MBAM server listening at the recovery service end point address http://mbamserver.contoso.com:8080.

This command also displays a confirmation message.


PS C:\> Write-MbamRecoveryInformation -Computer Machine.Contoso.com -ComputerUser @("User1@Contoso.com") -Time 1/20/2015 -RecoveryPassword 311111-363319-126170-621720-547228-519706-367873-363880 -RecoveryPasswordID Af3d4a74-f650-4370-AAA2-cbfc7fe2abb8  -VolumeId Bf3d4a74-f650-4370-BBB2-cbfc7fe2abb8 -RecoveryPackage @(49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49) -RecoveryServiceEndPoint http://mbamserver.contoso.com:8080 -Force -Verbose

Example 3: Write user recovery information on a specified computer to the MBAM server with verbose output and attempt recovery if the cmdlet fails

This command writes the recovery information specified by the cmdlet input parameters to the MBAM server listening at the recovery service end point address http://mbamserver.contoso.com:8080.

This command also displays a confirmation message.

If the write attempt is unsuccessful, the cmdlet retries two more times after an interval of five seconds.


PS C:\> Write-MbamRecoveryInformation -Computer Machine.Contoso.com -ComputerUser @("user@Contoso.com") -Time 1/20/2015 -RetryCount 2 -RetryIntervalSeconds 5 -RecoveryPassword 311111-363319-126170-621720-547228-519706-367873-363880  -RecoveryPasswordID Af3d4a74-f650-4370-AAA2-cbfc7fe2abb8 -VolumeId Bf3d4a74-f650-4370-BBB2-cbfc7fe2abb8 -RecoveryPackage @(49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49, 48, 49) -RecoveryServiceEndPoint http://mbamserver.contoso.com:8080 -Force -Verbose

Rubriques connexes

Ajouts de la communauté

AJOUTER
Afficher: