I use "manage-bde" in Powershell to remotely check the status of Bitlocker encryption on domain computers.
We have several connected domains, but for this lets say Domain1 and Domain2. When I try to run manage-bde from my computer in Domain1 querying a remote computer in domain2 I get "Access Denied" due to it using my credentials from Domain1 that I am currently logged in to.
Is there a way to run manage-bde when logged in to Domain1 with credentials for Domain2?
Lacking a domain trust or a bunch of other horsing around, it is not easy across domains with just manage-bde. Combine it with psexec and move on.
Use SysInternals psexec (free) specifying remote computer, valid remote credentials, and the manage-bde command. Remote computer and valid remote credentials are part of psexec using this approach, not manage-bde. manage-bde would be executed locally on the remote endpoint.
For example from a domain1 workstation:
psexec \\workstation.domain2.local -h -u domain2\bitlockeradmin manage-bde -status
