Jump to content


Established Members
  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About brpo

  • Rank
  1. Hi I forgot to post feedback on this when i finally found the solution we used Alex Semi s script to launch encryption and by default the mdt scripts force ownership to AD. I put a few comments in the code and the Mbam part is now fully functional. bruno
  2. Hi thanks for the feedback. What we would like is to store the TPM key into MBAM as we then have a single place to look for Support, as we don't have proper AD rights anyway. Alternatively use a single password for TPM but start encryption during TS (I am working on this alternative right now). Brgds bruno
  3. Hi I have deployed Mbam 2.5 in our environment and the first tests (manual deployment of mbam client and encryption) have been successfull.(tpm and volume recovery work fine) However when trying to use the latest features, we can't get the TPM owner password to be backed up in Mbam. We use pre provisionning wih used space during the task sequence and it works fine. The user is prompted at first logon for the Pin and drive recovery is reported to the DB. However TPM password is not present. Whatever we tried, the TPM did not show up unless we suppressed pre provisionning. Has someone been able to take ownership of the TPM with preprovisioning ? During the TS, at the preprovisioning step, the Tpm shows as Enabled, Activated and Not owned, then in the log it shows that pre provisioning takes ownership. Of course, this prevents Mbam to do the same so no backup of TPM. in the following post, someone from Microsoft states that ownership is not taken, but it seems it does anyway. http://social.technet.microsoft.com/Forums/en-US/b915cd54-6371-4b28-aac7-bd3103dfd7ca/preprovisioning-bitlocker-mbam-and-tpm-password?forum=mdopmbam Thanks in advance for your feedback bruno
  • Create New...