From a10a83423b26459bb7ba1d1c5b07ab52a4ac837d Mon Sep 17 00:00:00 2001
From: forevanyeung
Date: Thu, 17 May 2018 12:49:33 -0400
Subject: [PATCH 1/2] GetADBitlockerRecoveryKey

Added web method to get the Bitlocker recovery key from AD via the Bitlocker ID
---
 .../ConfigMgrWebService.asmx.cs | 58 +++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/ConfigMgrWebService/ConfigMgrWebService.asmx.cs b/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
index b2e352e..a218abb 100644
--- a/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
+++ b/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
@@ -2346,6 +2346,64 @@ public bool RemoveADComputer(string secret, string samAccountName)
 return returnValue;
 }
+ [WebMethod(Description = "Get the Bitlocker Recovery Key from AD")]
+ public string GetADBitlockerRecoveryKey(string secret, string bitlockerID)
+ {
+ MethodBase method = MethodBase.GetCurrentMethod();
+ MethodBegin(method);
+
+ //' Variable for Bitlocker Recovery Key
+ string bdeRecoveryKey = string.Empty;
+
+ //' Validate secret key
+ if (secret == secretKey)
+ {
+ //' Set empty value for search result
+ SearchResult searchResult = null;
+ DirectoryEntry directoryObject = null;
+
+ //' Get default naming context of current domain
+ string defaultNamingContext = GetADDefaultNamingContext();
+ string currentDomain = String.Format("LDAP://{0}", defaultNamingContext);
+
+ //' Construct directory entry for directory searcher
+ DirectoryEntry domain = new DirectoryEntry(currentDomain);
+ DirectorySearcher directorySearcher = new DirectorySearcher(domain);
+ directorySearcher.Filter = String.Format("(&(objectClass=msFVE-RecoveryInformation)(Name=*{0}*))", bitlockerID);
+ directorySearcher.PropertiesToLoad.Add("msFVE-RecoveryPassword");
+
+ //' Invoke directory searcher
+ try
+ {
+ searchResult = directorySearcher.FindOne();
+ if (searchResult != null)
+ {
+ //' Get computer object from search result
+ directoryObject = searchResult.GetDirectoryEntry();
+
+ if (directoryObject != null)
+ {
+ bdeRecoveryKey = (string)directoryObject.Properties["msFVE-RecoveryPassword"].Value;
+
+ // Dispose directory object
+ directoryObject.Dispose();
+ }
+ }
+ }
+ catch (Exception ex)
+ {
+ WriteEventLog(String.Format("An error occured when attempting to locate Active Directory object. 
Error message: {0}", ex.Message), EventLogEntryType.Error);
+ }
+
+ //' Dispose objects
+ directorySearcher.Dispose();
+ domain.Dispose();
+ }
+
+ MethodEnd(method);
+ return bdeRecoveryKey;
+ }
+ [WebMethod(Description = "Write event to web service log")]
+ public bool NewCWEventLogEntry(string secret, string value)
+ {

From 276e90bbeccbfe1113c079a0741d15134d2ca0c4 Mon Sep 17 00:00:00 2001
From: forevanyeung
Date: Thu, 17 May 2018 12:50:36 -0400
Subject: [PATCH 2/2] Update README.md

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 256941a..6931b7e 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,7 @@ The list below shows an overview of the available methods:
 - SetADComputerDescription
 - SetADOrganizationalUnitForComputer
 - RemoveADComputerFromGroup
+- GetADBitlockerRecoveryKey
 
 ## Supported Configurations
 This web service has been built to support the following versions of System Center Configuration Manager:
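Review bot: The LDAP filter on the `directorySearcher.Filter = String.Format("(&(objectClass=msFVE-RecoveryInformation)(Name=*{0}*))", bitlockerID);` line interpolates the caller-supplied bitlockerID without escaping, so a value containing `*`, `(`, `)` or `\` rewrites the query, and an empty string alone produces `(Name=**)`, after which `FindOne()` returns the first recovery object in the domain and its `msFVE-RecoveryPassword` is handed back instead of the key for one specific volume. Since the only gate is the shared `secret == secretKey` string comparison, any holder of that secret gets a disclosure oracle over every BitLocker recovery key stored in AD rather than a lookup by ID. I would reject empty input and escape RFC 4515 filter metacharacters before the DirectoryEntry is constructed, and since the sole `WriteEventLog` call here sits on the error path, record an audit event when a key is actually returned, e.g. `WriteEventLog(String.Format("BitLocker recovery password for ID '{0}' was returned to a caller", bitlockerID), EventLogEntryType.Information);`; the plaintext password also travels back in the SOAP response, so this method should only ever be reachable over TLS. The guard and escaping would look like this:
```csharp
//' Refuse empty IDs: (Name=**) would match any recovery object in the domain
if (string.IsNullOrWhiteSpace(bitlockerID))
{
    MethodEnd(method);
    return bdeRecoveryKey;
}

//' Escape RFC 4515 filter metacharacters so the ID cannot alter the query
string escapedID = bitlockerID
    .Replace("\\", "\\5c")
    .Replace("*", "\\2a")
    .Replace("(", "\\28")
    .Replace(")", "\\29")
    .Replace("\0", "\\00");
directorySearcher.Filter = String.Format("(&(objectClass=msFVE-RecoveryInformation)(Name=*{0}*))", escapedID);
// … unchanged: PropertiesToLoad, FindOne, property read, disposal …
```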