Jump to content


Established Members
  • Posts

  • Joined

  • Last visited

coolslim54's Achievements


Newbie (1/14)

  • Week One Done Rare
  • One Month Later Rare
  • One Year In Rare

Recent Badges



  1. The client management settings are definitely enabled. My AD guys weren't aware of any active BitLocker GPOs inplace. I ran an RSOP on the machine and did find BitLocker GPOs. I'll provide an update once they've been disabled.
  2. I'm not having much luck with enabling BitLocker with SCCM v2103, running in enhanced HTTP mode. I'm able to successfully create and deploy the Bitlocker policy to a few test machines. The MDOP MBAM agent does show up in the control panel, but for some reason, the machines remain non-complaint when the SCCM client runs the evaluation. Some of the MBAM registry keys appear to be present on the machines, but the MDOPBitLockerManagement sub registry key is not present. Under the Event Viewer\Applications and Services\Microsoft\Windows\MBAM\Admin section is giving the same warning message all the way down: Unable to connect to the MBAM Recovery and Hardware service. Error code: -2147028409. Lastly, I've gone thru the BitlockerManagementHandler.log file just about line-by-line and I saw nothing that indicates the machine was able to detect my enhanced http Management. I did come across the following error messages in the log file: Error executing method ProtectKeyWithNumericalPassword. 0x8031005b Error adding numerical password to OS volume Unable to initialize volume state. Bitlocker enactment cancelled Error escrowing keys. 0x8031005b Am I missing something with my enhanced http setup? It's a pretty straight forward process. Any help would be greatly appreciated!
  3. I'm guessing the best option is to enable the MP with https. I have an enhanced http enabled site running v2013 and my test clients cannot locate the MP when applying MBAM the policy.
  4. Does anyone have a clear answer on weather or not v2103 fully supports Enhanced HTTP w/BitLocker? Is an HTTPS Management Point still required, or is Enhanced HTTP enough?
  5. Installing this hotfix has been a bit problematic. All appears to go well until reaching the "Install Files" section. At that point, it fails and says to check the CMUpdate.log for details. I'll post the contents of the log file. So far, I've redownloaded and reinstalled the hotfix, disabled all antivirus applications on the server, and confirmed SQL permissions were correct. Any advice would be greatly appreciated. CMUpdate.txt
  6. I also tried the following and received the same error mentioned above in my task sequence: $var = New-Object -ComObject Microsoft.SMS.TSEnvironment [regex]$pattern = "-" $OSDComputerName = $var.Value("OSDComputerName") $var.Value("OSDComputerName") = ($pattern.replace($var.Value("OSDComputerName"), "", 1)).Replace("TW7", "TW10").Replace("LW7", "LW10")
  7. It appears to work manually, but fails in the task sequence.
  8. Definitely running the script as bypass in the task sequence. I'll try the manual steps tomorrow at work. Thx!
  9. Gave it a shot and the task sequence failed at powershell script step with error code 0xFFFD0000. Do I need to set the OSDComputerName variable like before? $OSDComputerName = $var.Value("OSDComputerName")
  10. Tregelen, It's me again! The script you provided above works great! Just one last step. How can I remove the first dash from TW7NSDA-002-0000? Again, many thanks!
  11. Tregelen, If I wanted to add an additional line in the script to reflect laptops, could I just add the line at the end to look like this $var = New-Object -ComObject Microsoft.SMS.TSEnvironment $OSDComputerName = $var.Value("OSDComputerName") $var.Value("OSDComputerName") = ($OSDComputerName).Replace("TW7", "TW10") $var.Value("OSDComputerName") = ($OSDComputerName).Replace("LW7", "LW10") Or would I need to add and elseif statement? I would think that it would ignore line 3, if nothing matches with what the script is looking for....
  12. Man, you guys are "da truth"!! Script worked like a charm! Many thanks! I'll definitely be keeping that one.
  13. Thanks for your responses. My PowerShell skills are terrible at the moment, but I'm working on it...I'll give it a shot and follow up. Thanks again!
  14. Tregelen, did you ever get a chance to test it? I tested the script before adding it to my task sequence and it came back with errors.
  • Create New...