I have a couple of machines on which I want to roll out BitLocker on the system drive; ideally I'd have the machines write the recovery key to AD. I've got all this set up and it seems to work fine: the machines are encrypted and the recovery passwords are available in AD. However, for recovery purposes it would be useful if I were able to unlock the drive when it is attached to a different machine, and this is where I run into some problems. When trying to unlock the drive both in Explorer and with cmd (manage-bde.exe -unlock F: -recoverypassword xxxxxx-....) I get "ERROR: The password failed to unlock volume F:". The recovery keys I get while encrypting and the ones provided in AD are the same, and so are the IDs.
I've tried this on both a Windows 8 and a Windows 10 machine, both with and without BitLocker GPOs set. The machines have a TPM chip onboard.
The error I'm getting while using Explorer to unlock the drive, translated into English, is "The key doesn't this drive": https://i.sstatic.net/M8HY7.png
Any help with this issue would be appreciated.
Regards