Jump to content


Brian635

MBAM issue after re-image

Recommended Posts

Hello,

 

Wondering if anyone can provide any help with this issue I'm experiencing.

 

I have an MBAM environment configured and am starting the encryption process within my SCCM 2012 task sequence using the "Deployment Guys" guide from TechNet. This is all working great.

 

The issue I've noticed is if I then re-image that computer which already has an entry in the MBAM database, after the re-image the MBAM client reports that it is unable to process policy. This is the Event Viewer error listed below:

 

An error occured while applying MBAM policies.
Volume ID:\\?\Volume{d7677447-61c1-11e2-b733-806e6f6e6963}\

Error code:
0x803d0013

Details:
A message containing a fault was received from the remote endpoint.

 

The steps in my refresh scenario Task Sequence as far as BitLocker is concerned simply include the step to "Disable BitLocker" while in Windows, re-image, and then towards the end of the sequence I re-enable BitLocker using the manage-bde -protectors -enable c: command.

 

I've searched on the Event Viewer error but really the only thing I found was a Microsoft article about the MBAM server rejecting the computer name. I went ahead and added the registry key that was recommended in the article but I don't think it totally applies in my scenario since I'm not seeing the corresponding server Event Viewer error that a record was rejected. The behavior has been continuing after adding the registry setting so I'm pretty confident that it did not apply in my issue.

 

I guess I'm just asking to see if ANYONE has experienced anything similar and what they did as a resolution, or if there's any recommendation as to if I'm overlooking something with the process or just in the MBAM configuration in general. Or how anyone else approaches a Windows 7 refresh that is already MBAM BitLocker protected.

 

Any help is definitely appreciated.

 

Thanks!
.

Share this post


Link to post
Share on other sites

I've run into issues re-imaging previously bit-lockered systems too. To get around our issues, we needed to:

 

* Go into BIOS, clear TPM. In Lenovo notebooks, it's Clear Security Chip

 

* Remove HDD and blow out all volumes and reformat. Always kick off your task sequences with a 'clean' drive.

 

- Robert

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...