How can we improve Azure Active Directory?

← Azure Active Directory

Recycle Bin For Deleted Devices

Would be great if there was a recover-msoldevice cmdlet or some way to recover a bitlocker recovery key after a device was deleted.

83 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

JPWGC shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

14 comments

Attach a File
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Noor commented  ·   ·  Flag as inappropriate

    This can be very handy to recover a bitlocker key and other scenarios

  • Branden commented  ·   ·  Flag as inappropriate

    Deleted a device from Intune, looks like the Bitlocker key went with it. Realized my mistake minutes later.
    I'm not aware of another location to find the Bitlocker key.
    It would be great to have a recycle bin that holds the deleted item for a few days at least.

  • Walter Rey commented  ·   ·  Flag as inappropriate

    This is something that we all need. Same functionality as in the on-premise AD with its Recycle Bin.
    Not sure why this was not included since the beginning since the functionality was already available in AD but hopefully it is added soon.
    I just recently had an employee leave the company and there is some proprietary data on his encrypted company machine and we can't access it because the BitLocker key was stored on the ADD/Intune record and that device entry was removed when the AD account was removed.

  • Jonathan Thomas commented  ·   ·  Flag as inappropriate

    Currently own a very expensive door stopper (laptop with deleted bitlocker key). Would be a good idea to have the ability to recover deleted keys from AAD.

  • Martin Wüthrich commented  ·   ·  Flag as inappropriate

    yes, would love that too.
    the existing cmdlet Restore-AzureADMSDeletedDirectoryObject should be renamed until then, it's kind of misleading with "Objects" when it does only cover specific O365 groups

  • Martins Jonass commented  ·   ·  Flag as inappropriate

    Absolutely needed. External drive got locked with BitLocker with device I was backing up before reinstallstion. I didn’t know that till I connected external drive to device after reinstall. But I also deleted device in Azure AD to keep it organized.
    I can’t access backup data without the BitLocker key. Please make it possible.

  • Yannic Graber commented  ·   ·  Flag as inappropriate

    Absolutely needed. Something like a 30 day deletion retention would be nice, like it's done for O365 data for example.

  • Sebastien commented  ·   ·  Flag as inappropriate

    I'm looking for way to recover an accidentally deleted device with the same goal as you: recovering a bitlocker key...

Azure Active Directory: Device Registration

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice