Hi all, We use BitLocker drive encryption in our enterprise environment. Since the DC is based on Windows Server 2003 R2 and we want only domain admin to see recovery password information via BitLocker Password tab in Active Directory Users and Computer snap-in, so I enabled RSAT and used domain administrator previlege to turn on BitLocker Passsword Recovery Viewer on one Windows 7 (computer A), then I run "regsvr32.exe BdeAducExt.dll" to register the BitLocker Password dll on the Windows 7 (computer A). The funny thing happens: the other users who hasn't run "regsvr32.exe BdeAducExt.dll" on their Windows 7 client, they can also see the BitLocker Password tab via ADUC from their Windows 7 computer. I want to know how "regsvr32.exe BdeAducExt.dll" works? and why this funny thing happens? Is this a bug??? Thanks for any explaination or hint. Scorprio TechNet Software Assurance Managed Newsgroup MCTS: Windows Vista | Exchange Server 2007 MCITP: Enterprise Support Technician | Server & Enterprise Admin

Hi, Is there anyone help me?TechNet Software Assurance Managed Newsgroup MCTS: Windows Vista | Exchange Server 2007 MCITP: Enterprise Support Technician | Server & Enterprise Admin

Guess you could go check out the computer object in AD using ADSIEDIT.msc and see if the key is stored there. If so check the premissions and who can read the attributes on it. If I am not to much of I think the key is stored in a sub object in the computer object, check out the security rights on it and you will find out who has access to reading the key. Can't test this out where I'm at now, but it kinda sound logical. Regards Morten

Hi Morten, Thank you for your reply. However, this still doesn't help to figure out why the BitLocker Password Tab will be appear on all of the Windows 7 clients when I only run "regsvr32.exe BdeAducExt.dll" on one of them? Is there any explaination?TechNet Software Assurance Managed Newsgroup MCTS: Windows Vista | Exchange Server 2007 MCITP: Enterprise Support Technician | Server & Enterprise Admin

Is there any Microsoft Support guy??TechNet Software Assurance Managed Newsgroup MCTS: Windows Vista | Exchange Server 2007 MCITP: Enterprise Support Technician | Server & Enterprise Admin

That is strange, and not something I have seen or can help with sorry :(