Data recovery agent

From EIK wiki

Data Recovery Agent

Data Recovery Agent koos BitLocker

Data Recovery Agent kontot saab kasutada dekrüpeerimiseks BitLockeri krüpteeritud kasutsseadet Windows 7´s.

Kasutaja peab lisama andmete taastamis agendi, kes on litsendiga isik võimeline dekrüpteerima kaitstud seadme, BitLocker Drive Encyriptionist kas siis Group Policy Management Consoe (GPMC) alt, või Local Group Policy Editoriga.

Data Recovery Agent saab seadistada peale Windows 7 installeerimist ja võimaldama ja seadistama kordumatu tunnuse teie organisatsioonipoliitika seadistamisel siduda unikaalne identifikaator, mis on lubatud koos BitLockeriga.. Identifitseerimis väljad on nõutud et, oleks võimalik hallata andmete taastamist BitLockeri kaitstud kettal. BitLocker haldab ja uuendab ainult siis Data Recovery Agenti kui identifitseerimis väljad on kettal ettenäidatud ja on identsed väärtusega, mis on konfigureeritud arvutis.Seda Windows 7 küsimust on tõstatatud mitmeid kordi.

Et luua data recovery agente BitLockerig, peab konfigureerima Bitlockeri identifitseerimas välja ja tuvastama data recovery agendi Public Key Policies Group Policy setingutes Bitlocker Drive Encryption.BITLOCKER1 tarvis.


Kuidas seda kõike teha

Kõigepealt peaksid sa veenduma, et oled liige lokaalses administraatori grupis.

Et määrata Bitlockeri haldamis välju Bitlockeri kaitstud kettal järgi all olevat õpetust.

  1. Log on as an administrator to the computer where you want to assign the identification field.
    1. Open a Command Prompt. Click Start, type cmd in the Search programs and files box.
    2. At the command prompt, type the following command, replacing <drive letter> by the drive letter identifier (for example, E:) of the BitLocker-protected drive – manage-bde -SetIdentifier <drive letter>
    3. The Manage-bde command-line tool will set the identification field to the value specified in the Provide the unique identifiers for your organization Group Policy setting.
    4. After the value has been set, Manage-bde will display a message informing you that the drive identifier has been set.



Kuidas seadistada identifitseerimis väljad.

  1. Click BitLocker Drive Encryption in Windows 7 in the GPMC or Local Group Policy Editor under Computer Configuration\Administrative Templates\Windows Components, to show the policy settings.
    1. Double-click the Provide the unique identifiers for your organization policy setting in the details pane.
    2. Click Enable. In BitLocker Identification Field, enter the identification field for your organization.
    3. Click OK to apply and close the policy setting.
    4. configure a data recovery agent:
    5. Open GPMC or the Local Group Policy Editor.
    6. In the console tree under Computer Configuration\Windows Settings\Security Settings\Public Key Policies, right-click BitLocker Drive Encryption.
    7. Click Add Data Recovery Agent to start the Add Recovery Agent Wizard. Click Next.
    8. On the Select Recovery Agents page, click Browse Folders, and select a .cer file to use as a data recovery agent. After the file is selected, it will be imported and will appear in the Recovery agents list in the wizard. Multiple data recovery agents can be specified. After you have specified all the data recovery agents that you want to use, click Next.
    9. The Completing the Add Recovery Agent page of the wizard displays a list of the data recovery agents that will be added to the Group Policy. Click Finish to confirm the data recovery agents, and close the wizard.