Jump to content


FSiglmueller

After changing the SQL Server the MECM integrated Bitlocker won't show any recovery key in the Helpdesk Portal

Recommended Posts

Hi All !

I have migrated my SQL DB to another Server.
After that move the MECM Bitlocker Helpdesk Portal (Webportal) shows no recovery key for any system.

When I have a look to the database, there are all entries inside (encrypted). How can I go on to get it working with the helpdesk Portal ?
I urgently need the keys, because at the moment I am not able to solve any bitlocker issues for my systems.

The whole MECM environment is in HTTPS mode only (if this is helpful).

Any help is appreciated.

Thanks in advance.

 

 

Share this post


Link to post
Share on other sites

have you tried to reinstall the helpdesk webportal as it's more than likely still tied to your original SQL server setup, here's the command line I used in my labs

.\MBAMWebSiteInstaller.ps1 -SqlServerName cm01.windowsnoob.lab.local -SqlInstanceName MSSQLSERVER -SqlDatabaseName CM_P01 -ReportWebServiceUrl http://cm01.windowsnoob.lab.local/Reportserver -HelpdeskUsersGroupName "windowsnoob\MBAM_HD" -HelpdeskAdminsGroupName "windowsnoob\MBAM_HD_Adv" -MbamReportUsersGroupName "windowsnoob\MBAM_HD_Report" -SiteInstall Both

that would be the first thing i'd do, uninstall your current help desk (as you've moved SQL) and then reinstall the helpdesk portal pointing to the new SQL server

Share this post


Link to post
Share on other sites

did you get any errors when you installed the helpdesk using the powershell script ? are your helpdesk users that you use to retrieve keys correctly setup ?

Share this post


Link to post
Share on other sites

Hi !

I didn't get any errors during the helpdesk installation. The powershell script went flawlessly.
What do you mean with:

are your helpdesk users that you use to retrieve keys correctly setup ?

bitlocker2.jpg.4557cd1392c8bc411460448eeb802491.jpg

All our groups exist in the AD.

Thanks in advance.

Kind regards

 

Share this post


Link to post
Share on other sites

i mean are the users you are using to login to the helpdesk in the appropriate active directory groups specified in the powershell arguments

 

Share this post


Link to post
Share on other sites

Hi !

Yes, all the Users are in the appropriate AD groups. No User groups were changed. That means the Users are the same  like before the SQL Server move.

Kind regards 

Share this post


Link to post
Share on other sites

Hi All !

Today I checked it and found out, that the keys were not uploaded to the MECM database.
But I don't no why. First I checked the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE" for the EnableEncryptionKey (without the XTS) but we only have there the keys for the XTS.

Any ideas whats going on here ?

 

Thanks in advance.

Kind Regards

Share this post


Link to post
Share on other sites

start by looking at my guide for troubleshooting on the client, does it look like you are missing something ?

 

 

Share this post


Link to post
Share on other sites

did you verify your registry settings, is it pointing to the correct recovery service there ?

if you have teamviewer i could remote in and take a look or Microsoft Quick Assist

Share this post


Link to post
Share on other sites


Hi ! 
the registry is pointing to the correct endpoint.

It would be great if you can remote assist. When does it fit for you ? Today evening (german time - 8.30pm) ?

 

Thanks in advance 

Share this post


Link to post
Share on other sites

yeah that sounds good ping me then (pm)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...