Yup, ours is still set to the default 90 minutes. Meanwhile, the keys for my machine have been in AD for 2 hours - so what's the hold up with MBAM? Just looking to understand what triggers the MBAM client to backup the password. And as evidenced by every machine imaged, the MBAM client 'kicks in' at some point, does what it needs to do and the keys appear in MBAM.īut we don't know what specifically that is. My machine isn't a one off as this is also true for several dozens of machines in various offices. My machine has been restarted a handful of times today after imaging as well. Yet searching for the Key ID In MBAM yields 'Recovery key not found'. (NOTE: If there's a way to do this in WinPE, we're all ears.)Īs machines come off the line, we're finding that the keys are not immediately available in MBAM.įor example, my machine was imaged earlier today and is currently encrypting.
Is setup we're in Windows proper and waiting for the system to encrypt. In order to satisfy some security requirements (full disk encryption XTS-AES 256) we are not enabling BitLocker while in WinPE during OSD.
Performing BitLocker Management with MBAM 2.5 Got a suggestion for MBAM?įor MBAM issues, use the MBAM TechNet Forum.We're an SCCM shop (1602 with MDT of course) deploying Windows 10 to a large pilot group. Your BitLocker recovery key is displayed in the Your BitLocker Recovery Key field.Įnter the 48-digit code into the BitLocker recovery screen on your computer to regain access to the computer. In the Reason field, select a reason for your request for the recovery key.Ĭlick Get Key. If the first eight digits match multiple keys, a message displays that requires you to enter all 32 digits of the recovery key ID. In the Recovery KeyId field, enter a minimum of eight of the 32-digit BitLocker Key ID that is displayed on the BitLocker recovery screen of your computer. To use the Self-Service Portal to regain access to a computer If the IT administrator configured an IIS Session State time-out, a message is displayed in the Self-Service Portal 60 seconds prior to the time-out. Otherwise, they must use the Helpdesk Portal for key recovery.Įnd users may experience lockouts if they:Ĭhange operating system files, the BIOS, or the Trusted Platform Module (TPM) The following instructions are written from the perspective of end users, but the information may be useful for IT administrators to understand.Īn end user must have physically logged on to the computer (not remotely) at least one time successfully to be able to recover their key using the Self-Service Portal. The Self-Service Portal requires no assistance from Help Desk staff. The website enables end users to independently regain access to their computers if they get locked out of Windows. The Self-Service Portal is a website that IT administrators configure as part of their Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 deployment.
0 kommentar(er)
