Найти все машины, у которых не задан пароль восстановления Bitlocker

Import-Module ActiveDirectory
#$date = [DateTime]::Today.AddDays(-60)
$pcs = Get-ADComputer -Filter  'Enabled -eq $true -and OperatingSystem -like "*Windows*"'
foreach ($pc in $pcs) {
$dn = $pc.DistinguishedName
$ldPath = "AD:\",$dn -join ""
if ((Get-ChildItem $ldPath | where {$_.objectClass -eq "msFVE-RecoveryInformation"}) -eq $null) {echo $pc.name}}