KB 3046555: End-to-end guide for Deploying MBAM 2.5 in a stand-alone configuration

This guide provides step-by-step instructions for installing Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 in a stand-alone configuration. In this guide we will use a two-server configuration. One of the two servers will be a database server that is running Microsoft SQL Server 2012. This server will host the MBAM databases and reports. The additional… Read more

Tips & Tricks with MBAM 2.5 – Part 1: Domain Controller and Group Policy Management

We have periodically received requests on some of the Tips and Tricks regarding Microsoft BitLocker Administration and Monitoring (MBAM).  So we will be posting a series of blogs and have them listed below. Part 1: Domain Controller and Group Policy Management This blog will be focused on Domain Controller and Group Policy Management. Tip 1:… Read more

Manually modifying IIS bindings to use SSL for MBAM services

Microsoft BitLocker Administration and Monitoring (MBAM) needs web services no matter what topology you are using. These MBAM web services can be installed with or without SSL Certificates. To install MBAM web features using SSL, it is required to have a certificate ready to use and issued to the web server or whatever the hostname… Read more

MBAM Configuration Manager reports data is repetitive

Let us consider the following scenario of Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 deployed with integrated topology. This means you have integrated MBAM with Configuration Manager. You have deployed the MBAM group policy and all the clients started to report in so we are ready to check out the compliance status of all these… Read more

How to make your existing Bitlocker encrypted environment FIPS complaint

Hello, my name is Mayank Sharma and I am a Technical Advisor here at Microsoft. In this blog, I will discuss FIPS compliance with Bitlocker. Microsoft's solution for completely encrypting data inside laptops, desktops and removable drives. So let’s get started… FIPS stands for Federal Information Processing Standard and is United States Government standards that… Read more

How to Cleanup TPM information from AD for Windows 8 computers

For Windows 7 machines, TPM Owner Password is stored in msTPM-OwnerInformation which is attribute of Computer object in AD. So if you delete the computer object, TPM Owner Password is also deleted. For Windows 8, TPM Owner Information is not stored directly under Computer Object. It is stored in a separate object which is linked… Read more

Announcing public availability of MBAM Compliance Data Cleanup Tool 2.0

We are happy to announce public availability of MBAM Compliance Data Cleanup Tool 2.0 (clean-mbam.exe), aka MBAMCDCT 2.0.   MBAM Compliance Data Cleanup Tool 2.0 (clean-mbam.exe) is a command line tool which enables you to delete machine records from the ‘Compliance Status’ database of the MBAM 1.0 and MBAM 2.0 standalone.   There have been… Read more

MMS 2013 Hands On Labs Available

A few months ago we held the annual 2013 Microsoft Management Summit in Las Vegas. As in years past, the event sold out quickly and it was a very busy week. To everyone that attended, our sincere thanks.  As a recap, the below blog gives you the list of available sessions online to view that… Read more

Sessions from MMS 2013 Now Available

Greetings AskCore fans.  I thought I would start creating a blog for a subset of the videos/sessions available at each of the conferences that Microsoft has throughout the year.  These sessions will be available and will deal with topics that are discussed here on the AskCore Blog.  There are numerous other sessions if you want… Read more

How to Verify BitLocker Recovery Keys in SQL DB using MBAM

Customers using BitLocker Drive Encryption to protect a volume might be curious to know, how to verify BitLocker Recovery keys in SQL database for MBAM. Consider this scenario: A Volume is already BitLocker encrypted and recovery information is backed up in Active Directory. We install the MBAM client on a Windows 7 client machine and… Read more