Bitlocker recovery key in Azure AD

At my current job I normally do not handle IT support but since I have a history of doing support my colleagues sometimes asks me for help. Todays issue was a computer with a new motherboard that was missing a Bitlocker Recovery Key.

We are a small company so we do not have out own infrastructure and are relying on Azure AD. When you join a Bitlocker encrypted device to Azure AD the key is stored in you user account in the Azure portal. To retrieve it, log in to the Azure Portal, goto Azure Active Directory and open the User you are looking for. In the user properties go to devices and find the key. If the user has more than one key you can use the Bitlocker Key ID to locate the correct key.



Finding your Bitlocker Recovery Key in Azure AD

Adding users WITHOUT an Azure AD Accounts to Dynamics 365 for Finance and Operations

Normally when using Dynamics 365 for Finance and Operations all you users are part of an Azure AD. This is created when ordering your license and is used for authentication. This AD is either stand-alone or synced with you OnPrem AD.

There might be situations where you need to add external users to your Dynamics installation and if these are part of an Azure AD you just use this guide but if the external part does not have Azure AD then it is a bit more problematic… You do not want to add them to your organization since this might add security issues and sometimes licensing costs, and you might not be able to force them to get their own Azure AD tenant.

There is however another way to do this. It will require the user to get a Microsoft Account, that should not be an issue since it is a free account.

  1. Log into the azure portal and go to Azure AD – All Users
  2. Click New Guest User
  3. Add the users Microsoft account (eg *, *
  4. Go to D365FO and choose Import users
  5. Select the new account, import it and give it the correct user role.

Now the user can log in using their hotmail adress

That’s all for today