Friday, August 19, 2011 6:25 PMWe are looking to roll out Windows 7 with Bitlocker enabled soon. We just recently found out about MBAM and are looking into it but we probably will not hold up the Windows 7 rollout for it. The question is, how does MBAM work with Windows 7 clients that are already encrypted with Bitlocker? Will it pick the fact that it has been encrypted and just try to enforce whatever policies we have in place or will it fail?
Thursday, September 15, 2011 7:56 PMI have the same question. I have MBAM installed as well as Windows 7 Bitlocker clients that were pre-existing. The compliance report is currently showing that my clients are Non-Compliant. Why is this???
Saturday, September 17, 2011 4:30 AM
MBAM agent installed on windows 7 client will push the recovery keys to MBAM SQL database.
Reports will show compliance status based on GPO configured for MBAM.
If your volume is encrypted with bitlocker, but MBAM GPO are not configured the your machine status will be non-compliant.
To get a compliant machine status, you need to enable GPO for MBAM under operating system drive to enabled.
Hope this helps.
- Proposed As Answer by manojsehgalMicrosoft Employee Saturday, September 17, 2011 4:30 AM
Saturday, September 17, 2011 5:07 PM
Thanks for the response. I have Group Policy configured...is not correct?
Wednesday, September 21, 2011 9:37 PM
The GPO which have configured will back up recovery information in AD and not MBAM.
For MBAM GPO see the link below.
Hope this helps.
- Proposed As Answer by manojsehgalMicrosoft Employee Wednesday, September 21, 2011 9:37 PM
Monday, March 19, 2012 5:14 AM
Assuming all your bitlocker GPO settings are the same now as they were before there is no issues.
I have personally deployed this exactly scenario to +4000 machines (previously Bitlockered with similar settings) with no snags once I get the client to check in. I am still working through the last of the automatic compliance enforncement issues.
From your settings you will have recovery information in 2 (AD & HW and Recovery) locations.