locked
Computer Name missing in SCCM reports RRS feed

  • Question

  • MBAM infrastructure is working fine excepted for the reports part, for example when I launch the "BitLocker Enterprise Compliance Details" here is what I got, the computer names are empty. I followed the documentation on technet, did I miss something ?

     

    Wednesday, July 3, 2013 1:52 PM

Answers

  • Do you get this on all of your clients or just this one?  Have you tried uninstalling/reinstalling the MBAM agent?  If you open wbemtest and connect to root\microsoft\mbam, click Enum Instances, and put mbam_volume, do you get data? 
    • Marked as answer by -Jordan- Tuesday, August 27, 2013 11:28 AM
    Thursday, August 1, 2013 7:58 PM
    Moderator
  • So installing the new agent solved the issue. The agent wasn't updated on our workstations, it was still running with a version 1 of the agent. I don't really get how the MBAM agent can influence the information pushed to SCCM but now I have the computer names in my reports.

    Thanks for your effort in this.

    Tuesday, August 27, 2013 11:30 AM
  • The new MBAM 2.0 client creates a new WMI class that is needed by the Configuration Baseline to report compliance appropriately.  It is what enables CM integration to work properly.
    Tuesday, August 27, 2013 2:39 PM
    Moderator

All replies

  • What do the logs say for MBAM in your Event Viewer? Is it successfully reporting back from your client machines?

    PLEASE MARK ANY ANSWERS TO HELP OTHERS Blog: rorymon.com Twitter: @Rorymon

    Wednesday, July 3, 2013 2:24 PM
  • I'm actually getting the same issue, computer name is blank. Currently have this in a hybrid configuration - so the reporting back to the MBAM infrastructure is working fine.

    Let me know if you do resolve this as I'd be keen on the steps.

    Wednesday, July 3, 2013 11:20 PM
  • Rorymon,

    I've got nothing particular in the logs, in the "Admin" part there's noting, event after a restart of the "BitLocker Management Client Service" service.

    In the "Operational" section, I can see that the MBAM policies were applied sucessfully.

    I can be wrong but my guess this isn't MBAM related but more SCCM, isn't it ?

    Thursday, July 4, 2013 6:54 AM

  • In the integration of MBAM with SCCM, you need to disable the "MBAM Status Reporting Service" and delete the URL for the "Status Reporting Service Endpoint".

    You can view the reporting for MBAM in the SCCM console. After integration SCCM generates few specialised reports for the MBAM.

    Have a look to the link :- http://social.technet.microsoft.com/Forums/en-US/132c5b41-1054-4fca-bb21-ed18e5467d4c/mbam-client-an-error-occurred-while-sending-encryption-status-data-error-code-0x803d0013


    Gaurav Ranjan

    Saturday, July 6, 2013 11:29 AM
  • Gaurav,

    I used the 1.0 GPOs with MBAM 2.0 untill few days ago and I noticed it in another thread on those forums, so in order to fix my issue I deployed the GPOs for MBAM 2.0 and I disabled the "Status reporting service" and cleared the URL.

    Actually you thread link to a topic where the client encounter an issue while sending encryption status, but that's not my issue ! Everything is working fine on the MBAM infrastructure, exepted that I can't get reports since the computer names aren't populated.

    I tried editing the reports and play with the variables but it was unsuccessfull ... Do someone have some tips concerning this ?

    Tuesday, July 9, 2013 8:22 AM
  • Can you check the log files "CCM.log" & "smsdbmon.log" on the SCCM server. And the "ccmexec.log" on the client machine. It might be that these log files have some kind of information.

    What is the version of your SCCM Site? 2007 or 2012.


    Gaurav Ranjan

    Wednesday, July 10, 2013 4:41 AM
  • In CM, make sure that your clients have reported hardware inventory recently.  Also, make sure the DCM is enabled and has run on the clients.  If those two things have happened, you should get data in the reports.
    Wednesday, July 10, 2013 8:54 PM
    Moderator
  • Gaurav,

    We are running the version 2012.

    I had a look at the ccmexec.log but this is kinda unreadable, I'll have a look at the others by tomorrow.

    Lancecr,

    They did report hardware recently I'll crosscheck anyway, what is DCM ?

    Thursday, July 11, 2013 2:20 PM
  • For cm we create a configuration baseline that points at the mbam supported computers collection. Make sure machines are in that collection and you can eval the baseline on a client from the configuration manager applet. This is how we report compliance in cm integrated mode
    Wednesday, July 17, 2013 3:22 AM
    Moderator
  • Lancecr,

    I am not sure to understand what you mean. I am not asking how to check compliance through CM. Actually I am having an issue where the names of each computer are missing in every MBAM reports and I am looking for a solution to fix this. So far I tried editing the reports but I ended up with nothing so far ...

    Friday, July 19, 2013 12:54 PM
  • Couple of things to check:

    1. Are you sure you add the sms_def.mof files correctly in Client Settings?

    2. Verify all 4 classes are added correctly and all options are checked?

    3. Are your clients added in MBAM Computer Collections Successfully? 

    4. Run hardware inventory on client manually and check if it sends data. Check logs under ccm directory on client.


    Manoj Sehgal

    Saturday, July 20, 2013 3:33 AM
  • Dont forget to add the appropriate classes to the configuration.mof as well and check the tpm class in hardware inventory. After this is done and the machine is in the mbam supported computers collection, refresh machine policy on a client, run hardware inventory, then evaluate the configuration baseline locally.
    Saturday, July 20, 2013 1:33 PM
    Moderator
  • Manoj, Lancer,

    Thanks for your follow up. So since I did it long ago, I tried to reimport the Sms_def.mof, find here the answer I got :

    So i think this is normal and the classes were already there. I looked at the check boxes, they are all checked for these 4 classes. Reagrding the configuration.mof, I can find the section related to MBAM, so my guess this is good also.

    Refering your third point, I can see all my desktops in "All Desktop Systems" collection, and their names are well mentionned.

    Then I tried running an hardware inventory and look at the log files in the mean time. For that test, I looked at the InventoryAgent.log file (let me know if that's not the good one). And there I found few errors and the task ended with that message : "Inventory: 11 Collection Task(s) failed." Find here the collections that fails :

    1. Collection: Class "Win32_TSIssuedLicense" does not exist.
    2. Unknown error encountered processing an instance of class Win32_BitLockerEncryptionDetails: 8004100E
    3. Collection: Class "Win32_ServerFeature" does not exist.
    4. Collection: Class "SMS_FolderRedirectionHealth" does not exist.
    5. Collection: Class "SMS_ActiveSyncService" does not exist.
    6. Collection: Class "SMS_Windows8Application" does not exist.
    7. Collection: Class "SMS_ActiveSyncConnectedDevice" does not exist.
    8. Collection: Class "Win32_TSLicenseKeyPack" does not exist.
    9. Invalid Query for class Win32_UserProfile: 80041017, will retry to remove invalid properties
    10. Collection-Retry:Ignore invalid property HealthStatus
    11. Collection: Class "SMS_Windows8ApplicationUserInfo" does not exist.

    What does it mean ? Is it missing something on my workstation ?

    Wednesday, July 24, 2013 8:16 AM
  • But do you see the computers in the MBAM Supported Computers collection?  Under Hardware Inventory, did you check the TPM class so that it is being gathered?  What you showed above is under Hardware Inventory, but did you add the appropriate classes from TechNet into your configuration.mof for MBAM as well?  Based on your output in the previous post, I'm also wondering if you have the MBAM Agent installed on your client. 
    Wednesday, July 24, 2013 10:36 PM
    Moderator
  • Lancecr,

    Actually I am not seeing any computer name in my reports as the first screenshot shows, but are we speaking of the same thing ? What are you calling "MBAM Supported Computer collection" ?

    Under Hardware inventory the "TPM (Win32_Tpm)" class is checked.

    The appropriate classes were added also to the configuration.mof file, I just crosschecked yesterday.

    I got the agent installed, if the agent weren't there I would be unable to start the encryption of my computers rights ? In fact everything is running fine, I got the PC encrypted, the keys are well stored in SQL, I can recovery a BitLocked computer, etc. The only issue I have concern the reports in SCCM ...

    Thursday, July 25, 2013 7:40 AM
  • We are talking about the same thing.  There's quite a few little components that have to be in place for CM Integration to work and for the Compliance Reports in CM to show up correctly, per your OP.  Encrypting the PC is one thing, but uses different processes.  Compliance reporting relies on CM, so there are different things to look at.  When you install MBAM in CM Integrated mode, we create reports under the MBAM folder in the CM Console, 2 Configuration Items, and a Configuration Baseline.  Under your Device Collections, we also create a collection called "MBAM Supported Computers" and associate our Configuration Baseline to it.  This allows the MBAM Agent to insert compliance data into a custom WMI class on the client, which the Configuration Baseline grabs when it evaluates (by default every 12 hours).

    So:

    1.  Make sure your client shows up in the "MBAM Supported Computers" collection

    2.  If it is there, make sure that the Configuration Baseline for BitLocker is associated with that collection

    3.  Go to your client and run a Hardware Inventory cycle from the Configuration Manager applet.  Wait a bit for it to upload data.  Validate in CM that the last hardware refresh time is current.

    4.  From the Configuration Manager applet, click Configurations and make sure you see the BitLocker Configuration Baseline.  If you don't, you may have DCM disabled in CM.  It has to be active.

    5.  If it is there, click Evaluate and wait a bit.

    Thursday, July 25, 2013 3:31 PM
    Moderator
  • Lancecr,

    Thanks for the tips, those are usefull. So :

    1. In "MBAM Supported Computers" I've got all the desktops including mine.

    2. I am not sure how to check this, but I found that :

    3. I don't know where to find that information, but the last Hardware Scan is from yesterday.

    4. Find here the screenshot, looks good to me :

    Friday, July 26, 2013 9:51 AM
  • 5. I did click evaluate, but there I got an error :

     

    So i displayed the report and found some usefull messages, can I send you this in a secure way ?

     

    So a question pops up in my mind, how my computer can be in the "MBAM Supported Computers" in the CM collection and have a "Compliance State" issue ?

    Friday, July 26, 2013 9:51 AM
  • If there's no way to send you that, basically the error I get is this one :

    Error Type Error Code Error Description Error Source
    Setting Discovery - Error 0x80070001- Incorrect function. Windows
    Friday, July 26, 2013 9:52 AM
  • Do you get this on all of your clients or just this one?  Have you tried uninstalling/reinstalling the MBAM agent?  If you open wbemtest and connect to root\microsoft\mbam, click Enum Instances, and put mbam_volume, do you get data? 
    • Marked as answer by -Jordan- Tuesday, August 27, 2013 11:28 AM
    Thursday, August 1, 2013 7:58 PM
    Moderator
  • If your issue is not resolved and you want help, it is possible for you to open  a support case with Microsoft?

    We can help you & fix this issue.

    Good Luck


    Manoj Sehgal

    Thursday, August 15, 2013 2:09 AM
  • Lancecr,

    After verification it turns out that the client on my workstation was an old one. So I updated it manually and now the compliance state is ok. When I use the wbemtest tool, I do have data after few seconds.

    Tell me if I am wrong, but my guess the new MBAM client won't help with the SCCM reports informations since they are gathered by the SCCM client, right ? Nevertheless I'll wait a bit to see if the computer name pops up in the reports.

    Manoj,

    The support case would be my last scenario.

    Monday, August 26, 2013 1:44 PM
  • So installing the new agent solved the issue. The agent wasn't updated on our workstations, it was still running with a version 1 of the agent. I don't really get how the MBAM agent can influence the information pushed to SCCM but now I have the computer names in my reports.

    Thanks for your effort in this.

    Tuesday, August 27, 2013 11:30 AM
  • The new MBAM 2.0 client creates a new WMI class that is needed by the Configuration Baseline to report compliance appropriately.  It is what enables CM integration to work properly.
    Tuesday, August 27, 2013 2:39 PM
    Moderator
  • I'm experiencing the same issue as the OP in that I'm not seeing either the Computer Name or the Device User in the reports. 

    We're SCCM integrated with MBAM2 (and have the correct client), however I've only got to the stage where I'm testing with a machine using direct registry entries.

    Do I need to get the GPO set up as described in this thread or should it work without the GPO?

    Cheers

    Simon

    Thursday, September 5, 2013 11:29 AM