Systems Deployment Question
K2000 Deployment - store bitlocker key in AD only works on first domain GPO update
I'm hoping somebody could give me some additional brain thoughts on the following matter:
- We have a succesfull windows 10 deployment which adds the laptop to our domain.
- This domain has a GPO which mentiones that bitlocker keys should be stored in AD on the computer object.
- One of the final tasks is to enable bitlocker but as this is a deploymen this task is run as the local admin user defined in the K2000 deployment file.
- As this is a local user, and no domain user has been logged on before, the GP defining to store the bitlocker key is not triggerd and the key is not stored in AD.
So at this point there is a manual step at the end by logging on as a domain admin/user to fetch the first GP's and then enable the bitlocker key;
Does anybody have an idea how I could enable bitlocker as a domain user, keeping in mind that the GP from the domain should be know to store the key?