DeployWindows

MBAM works but new BitLocker keys are not reported to server

Published by

Mattias

on

Have you deployed MBAM for manage your BitLocker encrypted computers out there? If you enable BitLocker with MBAM during OSD there are many guides on how you should do. Most of these involve a script, probably from Deployment Guys, and this script will set a bunch of registry settings, involving setting HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MBAM\DeploymentTime equals 1.

This if fine and a perfect solution, just make sure that the registry keys are removed after installation or after the encryption started. If you don’t you will encounter problems like new keys are not reported to MBAM server, MBAM GUI will not show… There are no indication of this in the event log files, because DeploymentTime=1 makes sure MBAM is working in a silent way.

 

Deploy MBAM: http://technet.microsoft.com/en-us/library/dn145025.aspx

Deploy MBAM in OSD: http://technet.microsoft.com/en-us/library/jj571532.aspx

http://blogs.technet.com/b/deploymentguys/archive/2012/02/20/using-mbam-to-start-bitlocker-encryption-in-a-task-sequence.aspx

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Previous Post
Next Post

Recent posts

Quote of the week

"People ask me what I do in the winter when there's no baseball. I'll tell you what I do. I stare out the window and wait for spring."

~ Rogers Hornsby

DeployWindows

About

Mattias working as a technical architect helping mid-sized and large customers. Mainly working in the areas of Microsoft 365 suite. For many years I have devoted my time to modern management/enterprise client infrastructure.

Topics

Website Powered by WordPress.com.