Difference between revisions of "Microsoft Bitlocker Administration and Monitoring"

From RiceFamily Wiki
Jump to: navigation, search
(Documentation)
(Important Request Numbers)
 
(35 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Server Requests =
+
= Important Request Numbers =
* RITM1029531
+
* RITM1029531 (Test)
* RITM1029532
+
* RITM1029532 (Test)
 +
* TASK1461055 (Firewall Rules) (Test)
 +
* RITM1118176 (Production)
 +
* RITM1118177 (Production)
 +
* RITM1135236 (Production SSL)
 +
* RITM1135238 (Production SSL)
 +
* KB0024590 - RunBook for MBAM
 +
* RITM1290879 - Monitoring Request
 +
* KB0024847 - How to Link an OU to MBAM with a GPO
 +
* RITM5645257 - New Environment
 +
* RITM5704865 - SHA256 SSL for server
  
 
= Documentation =
 
= Documentation =
 +
== Microsoft Documentation ==
 +
* [https://technet.microsoft.com/en-us/windows/hh826072.aspx Microsoft BitLocker Administration and Monitoring]
 +
* [https://technet.microsoft.com/en-us/library/dn645344%28d=printer%29.aspx?f=255&MSPPError=-2147217396 How to Configure the MBAM 2.5 Web Applications]
 +
* [https://technet.microsoft.com/itpro/mdop/mbam-v25/planning-for-mbam-25-group-policy-requirements Planning for MBAM v2.5 - Group Policy Requirements Planning for MBAM]
 
* [https://technet.microsoft.com/en-us/library/dn645331%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 MBAM 2.5 Server Prerequesites for Stand-alone and Configuration Manager Integration Topologies]
 
* [https://technet.microsoft.com/en-us/library/dn645331%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 MBAM 2.5 Server Prerequesites for Stand-alone and Configuration Manager Integration Topologies]
 
* [https://technet.microsoft.com/en-us/library/dn645370%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 MBAM 2.5 Supported Configurations]
 
* [https://technet.microsoft.com/en-us/library/dn645370%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 MBAM 2.5 Supported Configurations]
 
* [https://support.microsoft.com/en-us/kb/3046555 Deploying MBAM 2.5 in a stand-alone configuration]
 
* [https://support.microsoft.com/en-us/kb/3046555 Deploying MBAM 2.5 in a stand-alone configuration]
 +
* [https://technet.microsoft.com/en-us/library/dn645309.aspx?f=255&MSPPError=-2147217396 How to Deploy the MBAM Client to Desktop or Laptop Computers]
 +
* [https://docs.microsoft.com/en-us/microsoft-desktop-optimization-pack/mbam-v25/operations-for-mbam-25 MBAM v2.5 - Operations for MBAM]
 +
* [https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions BitLocker Frequently Asked Questions]
 +
 +
== YouTube Videos ==
 +
* [https://www.youtube.com/watch?v=5rFhJGVgAto YouTube video - Deploying Microsoft BitLocker Administration and Monitoring (MBAM) 2.5]
 +
* [https://www.youtube.com/playlist?list=PLljHpuLugL9W42kyYZh5gWnTeKuxSkYXS MBAM YouTube Play List]
 +
== My Documentation ==
 +
* [[MBAM Architecture]]
 +
* [https://www.itprotoday.com/email-and-calendaring/get-bitlocker-recovery-information-ad-using-powershell Get BitLocker Recovery Information from AD using Powershell]
 +
 +
== Internet Documentation ==
 +
* [https://its.uiowa.edu/support/article/104730 How to unlock an encrypted computer using the MBAM IT Admin Portal]
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-recover-a-drive-in-recovery-mode-mbam-25 How to recover a Drive in Recovery Mode with MBAM] - KB0025724
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-recover-a-moved-drive-mbam-25 How to recover a Moved Drive] - KB0025726
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-recover-a-corrupted-drive-mbam-25 How to recover a Corrupted Drive] - KB0025727
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/how-to-reset-a-tpm-lockout-mbam-25 How to Reset a TPM Lockout] - KB0025728
 +
* [https://its.uiowa.edu/support/article/103277 How to setup MBAM Bitlocker encryption manually]
 +
* [https://its.uiowa.edu/support/article/103953 How to setup Active Directory and Group Policy for MBAM]
 +
* [https://its.uiowa.edu/support/article/103952 How to setup MBAM for a Department]
 +
* [https://technet.microsoft.com/en-us/itpro/mdop/mbam-v25/editing-the-mbam-25-group-policy-settings Editing the MBAM 2.5 Group Policy]
  
 
= Installation Process =
 
= Installation Process =
* Request Servers
+
== Request Servers ==
** MBAM Application Server
+
* MBAM Server (RITM1029531)
** MSSQL Server
+
* MS-SQL Server (RITM1029532)
+
* [[MBAM Test Environment Installation Process]]
 +
 
 +
== Install Pre-Requesites ==
 +
* Install Powershell 3.0
 +
* Install Microsoft Server 2008R2 or later with Service Packs
 +
** Need to include SQL_Latin1_General_CP1_CI_AS collation.
 +
** Install Database Engine
 +
** Install Reporting Services
 +
** Install Client Tools Connectivity
 +
** Install Management Tools - Complete
 +
 
 +
== MBAM Installation and Configuration ==
 +
 
 +
== Client Installation ==
 +
* [https://technet.microsoft.com/en-us/library/dn645348.aspx?f=255&MSPPError=-2147217396 How to Deploy the MBAM Client by Using a Command Line]
 +
 
 +
= Important Notes =
 +
* According to [https://technet.microsoft.com/en-us/library/dn645309.aspx?f=255&MSPPError=-2147217396 How to Deploy the MBAM Client to Desktop or Laptop Computers]
 +
** "The MBAM Client does not start BitLocker Drive Encryption actions if a remote desktop protocol connection is active. All remote console connections must be closed and a user must be logged on to a physical console session before BitLocker Drive Encryption begins."
 +
* MBAM Clients will communicate with the server via port 443
  
 
[[Category:Microsoft Bitlocker Administration and Monitoring]]
 
[[Category:Microsoft Bitlocker Administration and Monitoring]]
 
[[Category:MBAM]]
 
[[Category:MBAM]]

Latest revision as of 19:51, 13 March 2024

Important Request Numbers

  • RITM1029531 (Test)
  • RITM1029532 (Test)
  • TASK1461055 (Firewall Rules) (Test)
  • RITM1118176 (Production)
  • RITM1118177 (Production)
  • RITM1135236 (Production SSL)
  • RITM1135238 (Production SSL)
  • KB0024590 - RunBook for MBAM
  • RITM1290879 - Monitoring Request
  • KB0024847 - How to Link an OU to MBAM with a GPO
  • RITM5645257 - New Environment
  • RITM5704865 - SHA256 SSL for server

Documentation

Microsoft Documentation

YouTube Videos

My Documentation

Internet Documentation

Installation Process

Request Servers

Install Pre-Requesites

  • Install Powershell 3.0
  • Install Microsoft Server 2008R2 or later with Service Packs
    • Need to include SQL_Latin1_General_CP1_CI_AS collation.
    • Install Database Engine
    • Install Reporting Services
    • Install Client Tools Connectivity
    • Install Management Tools - Complete

MBAM Installation and Configuration

Client Installation

Important Notes

  • According to How to Deploy the MBAM Client to Desktop or Laptop Computers
    • "The MBAM Client does not start BitLocker Drive Encryption actions if a remote desktop protocol connection is active. All remote console connections must be closed and a user must be logged on to a physical console session before BitLocker Drive Encryption begins."
  • MBAM Clients will communicate with the server via port 443
Retrieved from "http://wiki.ricefamily.org/index.php?title=Microsoft_Bitlocker_Administration_and_Monitoring&oldid=4173"