1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Implementing Microsoft Bitlocker(MBAM)

Discussion in 'General Security' started by NateRD82, Nov 9, 2017.

Advertisement
  1. NateRD82

    NateRD82 Thread Starter

    Joined:
    Sep 29, 2017
    Messages:
    12
    I am trying to implement MBAM in my company. What I have so far is the MBAM installed and the helpdesk website working. What I don't have working is how in the world do I get my device to be encrypted and store the recovery key in the MBAM database?
     
  2. Sponsor

  3. NateRD82

    NateRD82 Thread Starter

    Joined:
    Sep 29, 2017
    Messages:
    12
  4. dvk01

    dvk01 Derek Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    51,802
  5. NateRD82

    NateRD82 Thread Starter

    Joined:
    Sep 29, 2017
    Messages:
    12
    Yeah I hear ya! So I looked at the demonstration video and found that there is a CLIENT that needs ran. Im so lost though I think it has something to do with GPO and the TPM stuff. I think I have all the backend stuff working. This isn't fun anymore :(
     
  6. NateRD82

    NateRD82 Thread Starter

    Joined:
    Sep 29, 2017
    Messages:
    12
    I figured out how to get it to work.
     
    Last edited by a moderator: Nov 15, 2017
  7. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    107,632
    i've edited your post as we would appreciate it if you would post the solution here that would be helpful to others since all assistance is to be done on the boards and not privately.
     
  8. NateRD82

    NateRD82 Thread Starter

    Joined:
    Sep 29, 2017
    Messages:
    12
    To go into how the backend is setup refer to the link provided. I installed my MBAM server on my SCCM Server to link up the reports. When installing the MBAM Client you need to do a couple of things. You will need to make a GPO for this to work and that's where it got tricky for me. I don't know which are required but this is my setup in GPO. You will need to download the MDOP MBAM.admx templates.

    upload_2017-11-15_15-3-25.png upload_2017-11-15_15-3-53.png upload_2017-11-15_15-4-6.png

    Once those are set. You can do a gpupdate /force once you put a Computer into the OU you are testing. Verify that you got the update by doing a gpresult /h c:\gpresult.html from command prompt. If you see your MBAM policy you are good. Verify that your device has TPM enabled if not go into bios turn it on and activate it. Install the MBAM Client. Once installed, you need to go to C:\program files\Microsoft\MBAM\mbamclientiu.exe and run that. If that launches you are set. That program was my issue the whole time I couldn't find anything online or even from Microsoft that mentioned this. Once you finish the encryption your device is set. This setup is for a password at startup. if you lose your key the recovery key works with the mbam server\helpdesk website. Happy setting up!
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    107,632
    Thanks for posting back. (y)
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...

Short URL to this thread: https://techguy.org/1199209