I have deployed Mbam 2.5 in our environment and the first tests (manual deployment of mbam client and encryption) have been successfull.(tpm and volume recovery work fine)
However when trying to use the latest features, we can't get the TPM owner password to be backed up in Mbam.
We use pre provisionning wih used space during the task sequence and it works fine. The user is prompted at first logon for the Pin and drive recovery is reported to the DB. However TPM password is not present.
Whatever we tried, the TPM did not show up unless we suppressed pre provisionning.
Has someone been able to take ownership of the TPM with preprovisioning ?
During the TS, at the preprovisioning step, the Tpm shows as Enabled, Activated and Not owned, then in the log it shows that pre provisioning takes ownership. Of course, this prevents Mbam to do the same so no backup of TPM.
in the following post, someone from Microsoft states that ownership is not taken, but it seems it does anyway.
Thanks in advance for your feedback