Jump to content


FSiglmueller

After changing the SQL Server the MECM integrated Bitlocker won't show any recovery key in the Helpdesk Portal

Recommended Posts

Hi All !

I have migrated my SQL DB to another Server.
After that move the MECM Bitlocker Helpdesk Portal (Webportal) shows no recovery key for any system.

When I have a look to the database, there are all entries inside (encrypted). How can I go on to get it working with the helpdesk Portal ?
I urgently need the keys, because at the moment I am not able to solve any bitlocker issues for my systems.

The whole MECM environment is in HTTPS mode only (if this is helpful).

Any help is appreciated.

Thanks in advance.

 

 

Share this post


Link to post
Share on other sites

have you tried to reinstall the helpdesk webportal as it's more than likely still tied to your original SQL server setup, here's the command line I used in my labs

.\MBAMWebSiteInstaller.ps1 -SqlServerName cm01.windowsnoob.lab.local -SqlInstanceName MSSQLSERVER -SqlDatabaseName CM_P01 -ReportWebServiceUrl http://cm01.windowsnoob.lab.local/Reportserver -HelpdeskUsersGroupName "windowsnoob\MBAM_HD" -HelpdeskAdminsGroupName "windowsnoob\MBAM_HD_Adv" -MbamReportUsersGroupName "windowsnoob\MBAM_HD_Report" -SiteInstall Both

that would be the first thing i'd do, uninstall your current help desk (as you've moved SQL) and then reinstall the helpdesk portal pointing to the new SQL server

Share this post


Link to post
Share on other sites

did you get any errors when you installed the helpdesk using the powershell script ? are your helpdesk users that you use to retrieve keys correctly setup ?

Share this post


Link to post
Share on other sites

i mean are the users you are using to login to the helpdesk in the appropriate active directory groups specified in the powershell arguments

 

Share this post


Link to post
Share on other sites

Hi All !

Today I checked it and found out, that the keys were not uploaded to the MECM database.
But I don't no why. First I checked the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" for the EnableEncryptionKey (without the XTS) but we only have there the keys for the XTS.

Any ideas whats going on here ?

 

Thanks in advance.

Kind Regards

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.