Settings for emergency logon

If users are no longer able to log on to pre-boot authentication (for example, because they forgot their password), you will need to configure the emergency logon settings.

Please do the following:

1. To start the recovery/emergency wizard, open the Operating node in the DriveLock Management Console and right-click the Agent remote control sub-node to open the context menu.

2. Here you select BitLocker Management recovery and then BitLocker Management recovery / emergency logon (see figure).

   

3. The recovery wizard opens.

   Select Emergency logon. If your recovery keys are sent to the DriveLock Enterprise Service, do not change the default setting DriveLock Enterprise Service. To specify the path to the required recovery keys later, select Recovery files (copied by agent computer).

   

4. For the emergency logon procedure you need the private key of the recovery certificate. In the second dialog, specify the storage location, either Windows certificate store, a smart card or a PFX file together with the respective password. For more information on certificates, please click here. Click Next.
5. The third dialog provides a list of computers where you can select the computer to restore. Check the option only show the most recent entry for each computer. Click Next.

6. Next, you will see the dialog for entering the user's request/recovery code.

   Enter the code in the appropriate text boxes (see figure). You can optionally specify the name of the user.

   The recovery code provided by the user is mandatory.

   

7. Click Next to generate the response code.

   

8. Tell the user the response code.
9. Click Finish.