Jump to content


ace_ventura

SCCM BitLocker in MDT Task Sequence

Recommended Posts

We use SCCM and MDT at the present time, have not migrated to SCCM task sequences yet for OSD, just using MDT.  (We need to deploy machines to three different domains depending on the pc and point to two different management points and i haven't figured out how to create the task sequences to do this at this time) We do deploy the SCCM client as an application in the MDT sequences so that the machines are managed in SCCM.  (We currently use SCCM for patching, package and application deployments and soon bitlocker and defender.  We followed the steps to implement bitlocker in SCCM from this article.  https://msendpointmgr.com/2020/04/02/goodbye-mbam-bitlocker-management-in-configuration-manager-part-3/.  It explains how to set this up in an SCCM task sequence but im having a hard time getting it working in an MDT sequence.  The MDT sequence doesnt have a pre-provision bitlocker step.  Does anyone know how to do the bitlocker sccm setup stuff from that article in an MDT task sequence?

Share this post


Link to post
Share on other sites

For this to work you'll need the configmgr client agent installed on the computers, will it be ?

Share this post


Link to post
Share on other sites

then as long as the computer get's the configmgr client agent, and BitLocker Management policy, then they will get encrypted as per your policy, do you want to encrypt during OSD ? if so please review

If you can't use pre-prov during an MDT task sequence then use you'll have to use the Enable BitLocker step in MDT to encrypt your devices.

Share this post


Link to post
Share on other sites

Ok, I was confused since there was no preprovision step in MDT like there is in an SCCM TS, i followed your guide put the reg key for the XTS step before the first bitlocker step in the MDT TS and then again later in the TS and it appears to be working!  I cant get it to escrow the key in AD even though i told MDT to do so, it just puts a txt file at the root of C.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...