Difference between revisions of "Microsoft Bitlocker Administration and Monitoring"

From RiceFamily Wiki
Jump to: navigation, search
(Important Request Numbers)
(Important Request Numbers)
 
(14 intermediate revisions by the same user not shown)
Line 9: Line 9:
 
* KB0024590 - RunBook for MBAM
 
* KB0024590 - RunBook for MBAM
 
* RITM1290879 - Monitoring Request
 
* RITM1290879 - Monitoring Request
 +
* KB0024847 - How to Link an OU to MBAM with a GPO
 +
* RITM5645257 - New Environment
 +
* RITM5704865 - SHA256 SSL for server
  
 
= Documentation =
 
= Documentation =
Line 19: Line 22:
 
* [https://support.microsoft.com/en-us/kb/3046555 Deploying MBAM 2.5 in a stand-alone configuration]
 
* [https://support.microsoft.com/en-us/kb/3046555 Deploying MBAM 2.5 in a stand-alone configuration]
 
* [https://technet.microsoft.com/en-us/library/dn645309.aspx?f=255&MSPPError=-2147217396 How to Deploy the MBAM Client to Desktop or Laptop Computers]
 
* [https://technet.microsoft.com/en-us/library/dn645309.aspx?f=255&MSPPError=-2147217396 How to Deploy the MBAM Client to Desktop or Laptop Computers]
 +
* [https://docs.microsoft.com/en-us/microsoft-desktop-optimization-pack/mbam-v25/operations-for-mbam-25 MBAM v2.5 - Operations for MBAM]
 +
* [https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions BitLocker Frequently Asked Questions]
  
 
== YouTube Videos ==
 
== YouTube Videos ==
Line 25: Line 30:
 
== My Documentation ==
 
== My Documentation ==
 
* [[MBAM Architecture]]
 
* [[MBAM Architecture]]
 +
* [https://www.itprotoday.com/email-and-calendaring/get-bitlocker-recovery-information-ad-using-powershell Get BitLocker Recovery Information from AD using Powershell]
 +
 +
== Internet Documentation ==
 +
* [https://its.uiowa.edu/support/article/104730 How to unlock an encrypted computer using the MBAM IT Admin Portal]
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-recover-a-drive-in-recovery-mode-mbam-25 How to recover a Drive in Recovery Mode with MBAM] - KB0025724
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-recover-a-moved-drive-mbam-25 How to recover a Moved Drive] - KB0025726
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-recover-a-corrupted-drive-mbam-25 How to recover a Corrupted Drive] - KB0025727
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-reset-a-tpm-lockout-mbam-25 How to Reset a TPM Lockout] - KB0025728
 +
* [https://its.uiowa.edu/support/article/103277 How to setup MBAM Bitlocker encryption manually]
 +
* [https://its.uiowa.edu/support/article/103953 How to setup Active Directory and Group Policy for MBAM]
 +
* [https://its.uiowa.edu/support/article/103952 How to setup MBAM for a Department]
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/editing-the-mbam-25-group-policy-settings Editing the MBAM 2.5 Group Policy]
  
 
= Installation Process =
 
= Installation Process =

Latest revision as of 19:51, 13 March 2024

Important Request Numbers

  • RITM1029531 (Test)
  • RITM1029532 (Test)
  • TASK1461055 (Firewall Rules) (Test)
  • RITM1118176 (Production)
  • RITM1118177 (Production)
  • RITM1135236 (Production SSL)
  • RITM1135238 (Production SSL)
  • KB0024590 - RunBook for MBAM
  • RITM1290879 - Monitoring Request
  • KB0024847 - How to Link an OU to MBAM with a GPO
  • RITM5645257 - New Environment
  • RITM5704865 - SHA256 SSL for server

Documentation

Microsoft Documentation

YouTube Videos

My Documentation

Internet Documentation

Installation Process

Request Servers

Install Pre-Requesites

  • Install Powershell 3.0
  • Install Microsoft Server 2008R2 or later with Service Packs
    • Need to include SQL_Latin1_General_CP1_CI_AS collation.
    • Install Database Engine
    • Install Reporting Services
    • Install Client Tools Connectivity
    • Install Management Tools - Complete

MBAM Installation and Configuration

Client Installation

Important Notes

  • According to How to Deploy the MBAM Client to Desktop or Laptop Computers
    • "The MBAM Client does not start BitLocker Drive Encryption actions if a remote desktop protocol connection is active. All remote console connections must be closed and a user must be logged on to a physical console session before BitLocker Drive Encryption begins."
  • MBAM Clients will communicate with the server via port 443