c＃来自Active Directory的Bitlocker信息

Question

我试图通过以下功能从活动目录中获取所有用户的位锁定恢复信息。 我尝试了很多不同的解决方案，但没有一个解决了我的问题。 我可以获得大多数计算机属性，如操作系统，Service Pack期望位锁定器信息。 是否有任何特殊权限或方法可以使用msFVE-RecoveryInformation进行搜索？

方法1：

 DirectoryEntry child = new DirectoryEntry("LDAP://XXXXX");
        DirectoryEntries enteries = child.Children;
        DirectorySearcher ds = new DirectorySearcher(child);
        ds.Filter = "(&(objectCategory=Computer)(cn=computerName))";
        ds.SearchScope = SearchScope.Subtree;
        SearchResultCollection item = ds.FindAll();

        //string dn = item.GetDirectoryEntry().Properties["distinguishedname"].Value.ToString();
        string temp1 = System.DirectoryServices.AccountManagement.UserPrincipal.Current.DistinguishedName;
        child = new DirectoryEntry(("LDAP://" + temp1), "XXXXX", "XXXXX");
        enteries = child.Children;
        ds = new DirectorySearcher(child);
        ds.Filter = "(objectClass=msFVE-RecoveryInformation)";
        ds.SearchScope = SearchScope.Subtree;

        SearchResultCollection result = ds.FindAll();

        if (result.Count > 0)
        {
            foreach (SearchResult sr in result)
            {
                string recoveryKeyPackage = sr.GetDirectoryEntry().Properties["msFVE-KeyPackage"].Value.ToString();
                string recoveryGUID = sr.GetDirectoryEntry().Properties["msFVE-RecoveryGuid"].Value.ToString();
                string recoveryPassword = sr.GetDirectoryEntry().Properties["msFVE-RecoveryPassword"].Value.ToString();
                string recoveryVolumeGUID = sr.GetDirectoryEntry().Properties["msFVE-VolumeGuid"].Value.ToString();
            }
        }
        else
        {
           Console.Write ("No recovery information found!");
        } 

方法2：

 public Dictionary<string, string> GetBitlockerKeys(string computerName)
    {
        DirectoryEntry dEntry = new DirectoryEntry("LDAP://XXXX");
        var keys = new Dictionary<string, string>();
        using (var computerObject = dEntry)
        {
            var children = computerObject.Children;
            var schemaFilter = children.SchemaFilter;
            schemaFilter.Add("msFVE-RecoveryInformation");
            foreach (DirectoryEntry child in children) using (child)
                {
                    var recoveryGuid = new Guid((byte[])child.Properties["msFVE-RecoveryGuid"].Value).ToString();
                    var recoveryPassword = child.Properties["msFVE-RecoveryPassword"].Value.ToString();
                    if (!keys.ContainsKey(recoveryGuid))
                    {
                        keys.Add(recoveryGuid, recoveryPassword);
                    }
                }
        }

        return keys;
    }