How to centrally manage Vista's BitLocker encryption? System Center Configuration Manager (SCCM) has the answer

Many people (outside Microsoft) have raised concerns over how to manage Windows Vista's BitLocker encryption feature set for large groups of machines. The native Active Directory functionality works pretty well and covers the automatic publication of the recovery keys, so that you can both meet corporate governance requirements (including the Regulation of Investigatory Powers Act (RIPA) in the UK) and provide the means to help users "whose dog has eaten their encryption key" via the help desk.

System Center Configuration Manager (SCCM) enables you to automatically partition the hard disk as required by BitLocker, configure the Trusted Platform Module (TPM) (if present), automatically configure BitLocker to encrypt the hard disk, specify the appropriate authentication mechanism (TPM, PIN, USB device) and publish the keys to Active Directory.
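
One way to confirm that recovery-key publication to Active Directory is actually happening for every machine, as an added example (not from the original post or from Microsoft). It assumes the ActiveDirectory PowerShell module, an account permitted to see the recovery objects (without that permission every machine reports zero keys), and a placeholder OU path.

```powershell
# Added example: report computers that have no BitLocker recovery key escrowed in AD.
# Assumptions: ActiveDirectory module (RSAT) is installed; the OU below is a
# constructed placeholder; the function name is hypothetical.
Import-Module ActiveDirectory

function Get-BitLockerEscrowStatus {
    param(
        [Parameter(Mandatory)] [string] $SearchBase
    )

    Get-ADComputer -Filter * -SearchBase $SearchBase | ForEach-Object {
        # Recovery information is published as msFVE-RecoveryInformation
        # child objects directly beneath the computer account.
        $keys = @(Get-ADObject -SearchBase $_.DistinguishedName -SearchScope OneLevel `
                    -Filter "objectClass -eq 'msFVE-RecoveryInformation'" `
                    -Properties whenCreated)

        # Only counts and dates are reported; the recovery password
        # attribute is never requested or displayed.
        [pscustomobject]@{
            Computer     = $_.Name
            KeysEscrowed = $keys.Count
            LatestEscrow = ($keys | Sort-Object whenCreated |
                            Select-Object -Last 1).whenCreated
        }
    }
}

# Machines listed here cannot be recovered by the help desk from AD.
Get-BitLockerEscrowStatus -SearchBase 'OU=Laptops,DC=example,DC=com' |
    Where-Object { $_.KeysEscrowed -eq 0 } |
    Sort-Object Computer |
    Format-Table -AutoSize
```

A machine that is encrypted but appears in this list is the case to chase first, since its recovery key was never escrowed.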