Bitlocker encrypted? Reporting on Bitlocker machine account properties
Query for Bitlocker recovery keys (properties of machines) and then getting the owner of key. Using the useful (and free) Quest ActiveRoles commandlets but you can do this with regular activedirectory powershell module too. add-pssnapin quest.activeroles.admanagement -ErrorAction Silentlycontinue $DesktopsOU= "OU=Win7,OU=Workstations,DC=companyname,DC=com" # or whatever your machine OU is Get-QADObject -SizeLimit 0 -IncludedProperties Name,ParentContainer -SearchRoot $DesktopsOU | Where-Object {$_.type -eq "msFVE-RecoveryInformation"} | Foreach-Object {Split-Path -Path $_.ParentContainer -Leaf} | Select-Object -Unique The following page links to a script which will give you a CSV report http://blog.