Jump to content


Mr.Anderson

1910 - BitLocker / MBAM Task sequence

Recommended Posts

Hi All -

We just completed setting up BitLocker management with 1910.  We’re able to push the policy to the clients and install and the self service portal is all working.  We aren’t currently using BitLocker so this a totally new deployment. 
 

My question is we are about to start a large roll out of new systems and I’m looking for documentation on how to set this up in our task sequence so that BitLocker is installed and turned on after imaging without end user interaction.   I’ve done this at my previous job but we were not doing MBAM just storing keys in AD so this all new to me.  I’ve poured through all of the tremendous information here but still seem to be missing this piece and need to start getting new systems into the wild. 
 

Any help would be greatly appreciated! 
 

Thanks!

Chris

Edited by Mr.Anderson
Typo

Share this post


Link to post
Share on other sites

just to be clear, are you saying you want to have your OSD task sequences take care of Bitlocker Encryption and storage of the key in ConfigMgr 1910 with the bitlocker management feature enabled ?

Share this post


Link to post
Share on other sites
35 minutes ago, anyweb said:

just to be clear, are you saying you want to have your OSD task sequences take care of Bitlocker Encryption and storage of the key in ConfigMgr 1910 with the bitlocker management feature enabled ?

Yes correct.  We have ConfigMgr 1910 working and I'm able to deploy to exisiting clients which then requires them to install.  My question is how do you deploy this with bare metal /or inplace upgrade in a task sequence so MDOP/MBAM is already installed and the device is encrypted with ConfigMngr managing keys.

 

Thanks

Chris

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

i'll try and do up a blog post on this in the coming weeks, time willing of course

  • Like 1

Share this post


Link to post
Share on other sites
On 2/22/2020 at 4:40 AM, Mr.Anderson said:

Great thanks.  I guess I'm looking for what the TS steps would be as well.   

 

Chris

Did you ever figure this out?  I'm really struggling with getting the keys passed back into the DB from the task sequence.  AD is fine, just the DB is empty.

Thanks

Share this post


Link to post
Share on other sites
On 2/21/2020 at 12:59 PM, anyweb said:

just to be clear, are you saying you want to have your OSD task sequences take care of Bitlocker Encryption and storage of the key in ConfigMgr 1910 with the bitlocker management feature enabled ?

Hi, Did you ever get to do a blog post on this process please?

Share this post


Link to post
Share on other sites

not yet, maybe this weekend or tonight, i'll spin up the lab again, actually i've started writing a blogpost now and hopefully it'll be finished tonight.

Share this post


Link to post
Share on other sites

@dreddric

it's done now see >

 

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...