MBAM 2.5
I am trying to plan the integration of MBAM 2.5 into our deployment. I have tried to read the MBAM documentation and I got a bit confused.
I understand that there is a separate GPOs for MBAM but I am not sure what to do with MDT (2013). At the moment we are using the Bitlocker that comes out of Windows so we have the standard AD GPOs for that and I am using the usual MDT variables to enable
that. We are using TPM + PIN with keys saved in AD.
I have a few questions:
If I implement MBAM do I need to disable the standard MDT - Windows Bitlocker?
In one thread somebody explained that once you install the MBAM agent then you need to stop it, import some registry keys, then start it again. Is that still valid with MBAM 2.5?
Also will it keep using AD to store the recovery keys - I understand that MBAM has its own DB for things like that. Will it still use AD too?
It seems to me that there isn't a proper guide on how to implement MBAM, specifically if deployed with MDT.
Thanks for any help anybody could give.
Hi,
I agree that you can get a bit confused with the documentation. But here are some answers:
Once you have installed the MBAM server, you can then configure the GPO with all the needed settings.
1. Yes, if you want to use the MBAM server to save the recovery key, you have to disable the default step "Enable bitlocker" in the
State Restore (not the Enable BitLocker (Offline)
in Preinstall)
2. Yes it is valid with MBAM 2.5. In the State Restore, you can add a step to install the mbam agent. Then you can use a script to import the registry settings and do the encryption. (Remember to import the registry file from the Template "c:\Program Files\Microsoft\MDOP\MBAM\MBAMDeploymentKeyTemplate.reg"
3. No, if you use MBAM then the keys are stored in the MBAM server not in AD.
Check the link below, it is about SCCM 2012 but it is similar with MDT. You can also download the script to do the job for you. (use bing translator for the website)
http://www.deploiementwindows.com/encryption-mbam-avec-pre-provision-bitlocker-dans-une-task-sequence/
/ Yannick Plavonil
blog: Deploiement Windows
twitter: @yplavonil
facebook:
www.facebook.com/deploiementwindows
Similar Messages
-
MBAM web site configuration failure
I've set up MBAM 2.5 on my ConfigMgr 2012 server. Its integrated with Configuration Manager and created the two data bases on the same box with Windows Server 2012 R2 and SQL 2012 with reporting services. (I've configured a working OSD windows 7 task
sequence that uses MBAM to encrypt and store the recovery key.)
Now I'm trying to install the two web sites on a second windows 2012 server that is also acting as a deployment point with pxe server.
I can connect to my reporting server with a browser from the local server without being prompted for credentials. The MBAM reports are configured and visible. I'm using the same service account for SCCM reporting services and web service application
pool domain account. I've been working this for several days and am running out of ideas.
Next I'm going to set up a new 2012 test server to act as the MBAM web server only. Maybe that will simplify things and I don't have to worry about breaking my Distribution Point. Anyone have any ideas or suggestions?
Configurator information:
Description:
Invoking feature provider to validate the parameters of the administration web portal.
The configure web applications wizard keeps failing with the same single event log error message from hell:
Log Name: Microsoft-Windows-MBAM-Server/Admin
Source: Microsoft-Windows-MBAM-Setup
Date: 3/21/2015 10:54:09 AM
Event ID: 401
Task Category: MBAM Configurator
Level: Error
Keywords: MBAM Configurator
User: domain\username
Computer: MBAMwebServer.dc.state.fl.us
Description:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-MBAM-Setup" Guid="{C00827E6-3AE0-4F0A-8B45-08D05CD8424A}" />
<EventID>401</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>4</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000080</Keywords>
<TimeCreated SystemTime="2015-03-21T14:54:09.870728300Z" />
<EventRecordID>89</EventRecordID>
<Correlation />
<Execution ProcessID="2476" ThreadID="2804" />
<Channel>Microsoft-Windows-MBAM-Server/Admin</Channel>
<Computer>WSCOC5039DP.dc.state.fl.us</Computer>
<Security UserID="S-1-5-21-2100957022-532704775-253168949-48346" />
</System>
<EventData>
<Data Name="Message">Exception thrown from feature provider.</Data>
<Data Name="StackTrace">System.InvalidOperationException: Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'.
The request failed with the error message:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD lang="en-US">
<META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=5">
<script language="JScript" type="text/Javascript" src="/Reports/js/ReportingServices.js"></script>
<TITLE>en-us - Report Manager</TITLE>
<link href="/Reports/styles/ReportingServices.css"type="text/css" rel="stylesheet">
<META Name="Report Server" CONTENT="http://SCCMserver:80/ReportServer">
</HEAD>
<BODY style="margin:0px;" class="msrs-normal" onload="InitContextMenu('contextMenuCollection','contextMenuCollection__selectedItemIdHiddenField',new Array('contextMenuCollection_ReportContextMenuIdDiv'),'S_searchTextBoxID','Search');ControlConditionalEnable10(true);"><form
name="ui_form" method="POST" action="Folder.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us&ViewMode=List%2fReportService2005.asmx" id="ui_form" enctype="multipart/form-data">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUENTM4MQ8WAh4RUGFnZVZpZXdTdGF0ZVRpbWUoKVlTeXN0ZW0uSW50NjQsIG1zY29ybGliLCBWZXJzaW9uPTIuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4ORI2MzU2MjU0NjQ0OTgwNjM4NTQWAgIBD2QWAgIDDxYCHgZvbmxvYWQFsgFJbml0Q29udGV4dE1lbnUoJ2NvbnRleHRNZW51Q29sbGVjdGlvbicsJ2NvbnRleHRNZW51Q29sbGVjdGlvbl9fc2VsZWN0ZWRJdGVtSWRIaWRkZW5GaWVsZCcsbmV3IEFycmF5KCdjb250ZXh0TWVudUNvbGxlY3Rpb25fUmVwb3J0Q29udGV4dE1lbnVJZERpdicpLCdTX3NlYXJjaFRleHRCb3hJRCcsJ1NlYXJjaCcpFgJmD2QWAmYPZBYCZg9kFgZmDxYCHgdWaXNpYmxlaGQCAQ9kFgJmD2QWAmYPZBYCZg8WCB4GdmFsaWduBQN0b3AeBmhlaWdodAUCMzAeB2NvbHNwYW4FATQeBWNsYXNzBRRtc3JzLXZhbGlkYXRpb25lcnJvcmQCAg9kFgRmD2QWAmYPZBYCZg9kFgICAQ9kFgJmD2QWAgIBD2QWAmYPFgIeCWlubmVyaHRtbAUdU1FMIFNlcnZlciBSZXBvcnRpbmcgU2VydmljZXNkAgEPZBYCZg9kFgJmD2QWAmYPZBYCZg9kFgJmD2QWAmYPZBYEZg8WAh8CaGQCAQ9kFgJmD2QWAmYPZBYCZg9kFgZmDxYGHghsYW5ndWFnZQUKSmF2YXNjcmlwdB4EdHlwZQUPdGV4dC9KYXZhc2NyaXB0HwcFUGZ1bmN0aW9uIENvbnRyb2xDb25kaXRpb25hbEVuYWJsZTEwKHRvcExldmVsRW5hYmxlKSB7RW5hYmxlTXVsdGlCdXR0b25zKCd1aV8nKTt9ZAICDxYCHwJoZAIDD2QWAmYPZBYGZg8WAh4Fd2lkdGgFAjEwZAIBDxYCHwoFBDEwMCUWAmYPFgQeC2NlbGxwYWRkaW5nBQEwHgtjZWxsc3BhY2luZwUBMBYCZg9kFgJmDxYCHwQFAzVweGQCAg8WAh8KBQIxMGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFHGN0bDE4JGN0bDI0JFNfc2VhcmNoQnV0dG9uSUSAjRh+aj7PwliVb+R+WxpyPL1NeA=="
/>
</div>
<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['ui_form'];
if (!theForm) {
theForm = document.ui_form;
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
//]]>
</script>
<div>
<input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="A08DB298" />
</div><span><noscript><table width="100%" class="msrs-normal">
<tr>
<td valign="top" height="30" colspan="4" class="msrs-validationerror"><img src="/Reports/images/blank.gif" height="1" width="24" border="0" /><img
src="/Reports/images/line_err1.gif" height="16" width="16" alt="Error" /><img src="/Reports/images/blank.gif" height="1" width="12" border="0" />This page
might not function correctly because either your browser does not support scripts or active scripting is disabled.</td>
</tr>
</table>
</noscript><table width="100%" class="msrs-normal" cellpadding="0" cellspacing="0" height="100%">
<tr>
<td valign="top"><div>
<table class="msrs-topBreadcrumb" cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td><span><div>
<a href="/Reports/Pages/Folder.aspx?ViewMode=List%2fReportService2005.asmx">Home</a> > <a href="/Reports/Pages/Folder.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring&ViewMode=List%2fReportService2005.asmx">Microsoft
BitLocker Administration and Monitoring</a>
</div></span></td>
<td align="right"><span><a href="/Reports/Pages/Folder.aspx?ViewMode=List%2fReportService2005.asmx">Home</a> | <a href="/Reports/Pages/Subscriptions.aspx?ViewMode=List%2fReportService2005.asmx">My Subscriptions</a> |
<a href="/Reports/Pages/Settings.aspx?ViewMode=List%2fReportService2005.asmx">Site Settings</a> | <a href="http://go.microsoft.com/fwlink/?LinkID=223508"
target="MicrosoftReportingServicesHelp">Help</a></span></td>
</tr>
</table>
<table class="msrs-header" cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td class="msrs-logo" width="36"><img src="/Reports/images/folder_32.gif" alt="Folder" style="height:32px;width:32px;border-width:0px;" /></td>
<td><P class="msrs-site_title">SQL Server Reporting Services</P><P class="msrs-page_title">en-us</P></td>
<td class="msrs-searchContainer" align="right" valign="bottom"><table class="msrs-searchBar" cellpadding="0" cellspacing="0" onfocus="document.getElementById('S_searchButtonID').disabled
= false" onblur="document.getElementById('S_searchButtonID').disabled = true" onmouseover="document.getElementById('S_searchButtonID').disabled = false" onmouseout="document.getElementById('S_searchButtonID').disabled = true">
<tr>
<td style="padding:0px;"><input name="ctl18$ctl24$S_searchTextBoxID" type="text" value="Search" id="S_searchTextBoxID" class="msrs-searchDefaultFont"
onclick="SearchBarClicked('S_searchTextBoxID', 'Search', 'msrs-searchBarNoBorder' );" onblur="SearchBarBlured('S_searchTextBoxID','Search', 'msrs-searchDefaultFont');" onkeypress="
if ((event.which && event.which == 13) || (event.keyCode && event.keyCode == 13))
var searchButton = document.getElementById('S_searchButtonID');
searchButton.disabled = false;
searchButton.click();
event.cancelBubble = true;
return false;
else
return true;
" /></td>
<td style="padding:0px;"><input type="image" name="ctl18$ctl24$S_searchButtonID" id="S_searchButtonID" class="msrs-searchButton" disabled="true"
src="/Reports/images/search_21x.gif" alt="Go" style="border-width:0px;" /></td>
</tr>
</table></td>
</tr>
</table>
</div></td>
</tr>
<tr height="100%">
<td valign="top"><table width="100%" class="msrs-contentFrame" cellpadding="0" cellspacing="0" height="100%">
<tr>
<td valign="top" height="100%"><span><table width="100%" class="msrs-normal" cellpadding="0" cellspacing="0" height="100%">
<tr>
<td valign="top"><span style="display:inline-block;height:100%;"><script language="Javascript" type="text/Javascript">function ControlConditionalEnable10(topLevelEnable)
{EnableMultiButtons('ui_');}</script><span><table width="100%" class="msrs-normal" cellpadding="0" cellspacing="0">
<tr class="msrs-toolbar_top" height="6">
<td valign="top"></td>
</tr>
<tr class="msrs-tool">
<td valign="top"><table width="100%" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" width="5"><img src="/Reports/images/blank.gif" height="0" width="5" /></td>
<td valign="middle"><a id="ui_btnNewFold" class="msrs-buttonHeaderButton msrs-buttonHeaderText" title="New Folder" href="/Reports/Pages/FolderProperties.aspx?CreateNew=True&ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fNew+Folder&RedirectUrl=http%3a%2f%2fwscoc3761cm2%2fReports%2fPages%2fFolder.aspx%3fItemPath%3d%252fMicrosoft%2bBitLocker%2bAdministration%2band%2bMonitoring%252fen-us%26ViewMode%3dList%2fReportService2005.asmx"
onmouseover="this.className='msrs-buttonHeaderButtonHover msrs-buttonHeaderText';" onmouseout="this.className='msrs-buttonHeaderButton msrs-buttonHeaderText';" style="display:inline-block;white-space:nowrap;padding-padding-bottom:2px;padding-padding-right:5px;text-decoration:none;"><img
align="absmiddle" title="New Folder" src="/Reports/images/16newfolder.gif" alt="New Folder" style="border-style:None;height:16px;width:16px;border-width:0px;margin-right:3px;" />New Folder</a></td>
<td valign="top" class="msrs-toolBarSpacerImage"><img src="/Reports/images/divider.gif" style="height:16px;width:16px;border-width:0px;"
/></td>
<td valign="middle"><a id="ui_btnNewDataSource" class="msrs-buttonHeaderButton msrs-buttonHeaderText" title="New Data Source" href="/Reports/Pages/DataSource.aspx?CreateNew=True&ItemsParentPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us&RedirectUrl=http%3a%2f%2fwscoc3761cm2%2fReports%2fPages%2fFolder.aspx%3fItemPath%3d%252fMicrosoft%2bBitLocker%2bAdministration%2band%2bMonitoring%252fen-us%26ViewMode%3dList%2fReportService2005.asmx"
onmouseover="this.className='msrs-buttonHeaderButtonHover msrs-buttonHeaderText';" onmouseout="this.className='msrs-buttonHeaderButton msrs-buttonHeaderText';" style="display:inline-block;white-space:nowrap;padding-padding-bottom:2px;padding-padding-right:5px;text-decoration:none;"><img
align="absmiddle" title="New Data Source" src="/Reports/images/16newdatasource.gif" alt="New Data Source" style="border-style:None;height:16px;width:16px;border-width:0px;margin-right:3px;" />New Data
Source</a></td>
<td valign="top" class="msrs-toolBarSpacerImage"><img src="/Reports/images/divider.gif" style="height:16px;width:16px;border-width:0px;"
/></td>
<td valign="middle"><a id="ui_btnNewReport" class="msrs-buttonHeaderButton msrs-buttonHeaderText" title="Report Builder" href="http://SCCMserver/ReportServer/ReportBuilder/ReportBuilder_3_0_0_0.application"
onmouseover="this.className='msrs-buttonHeaderButtonHover msrs-buttonHeaderText';" onmouseout="this.className='msrs-buttonHeaderButton msrs-buttonHeaderText';" style="display:inline-block;white-space:nowrap;padding-padding-bottom:2px;padding-padding-right:5px;text-decoration:none;"><img
align="absmiddle" title="Report Builder" src="/Reports/images/new_RB_report.gif" alt="Report Builder" style="border-style:None;height:16px;width:16px;border-width:0px;margin-right:3px;" />Report Builder</a></td>
<td valign="top" class="msrs-toolBarSpacerImage"><img src="/Reports/images/divider.gif" style="height:16px;width:16px;border-width:0px;"
/></td>
<td valign="middle"><a id="ui_btnSettings" class="msrs-buttonHeaderButton msrs-buttonHeaderText" title="Folder Settings" href="/Reports/Pages/Folder.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us&SelectedTabId=PropertiesTab"
onmouseover="this.className='msrs-buttonHeaderButtonHover msrs-buttonHeaderText';" onmouseout="this.className='msrs-buttonHeaderButton msrs-buttonHeaderText';" style="display:inline-block;white-space:nowrap;padding-padding-bottom:2px;padding-padding-right:5px;text-decoration:none;"><img
align="absmiddle" title="Folder Settings" src="/Reports/images/edit_folder.gif" alt="Folder Settings" style="border-style:None;height:16px;width:16px;border-width:0px;margin-right:3px;" />Folder Settings</a></td>
<td valign="top" class="msrs-toolBarSpacerImage"><img src="/Reports/images/divider.gif" style="height:16px;width:16px;border-width:0px;"
/></td>
<td valign="middle"><a id="ui_btnUpload" class="msrs-buttonHeaderButton msrs-buttonHeaderText" title="Upload File" href="/Reports/Pages/Import.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us&&RedirectUrl=http%3a%2f%2fwscoc3761cm2%2fReports%2fPages%2fFolder.aspx%3fItemPath%3d%252fMicrosoft%2bBitLocker%2bAdministration%2band%2bMonitoring%252fen-us%26ViewMode%3dList%2fReportService2005.asmx"
onmouseover="this.className='msrs-buttonHeaderButtonHover msrs-buttonHeaderText';" onmouseout="this.className='msrs-buttonHeaderButton msrs-buttonHeaderText';" style="display:inline-block;white-space:nowrap;padding-padding-bottom:2px;padding-padding-right:5px;text-decoration:none;"><img
align="absmiddle" title="Upload File" src="/Reports/images/UploadFile.gif" alt="Upload File" style="border-style:None;height:16px;width:16px;border-width:0px;margin-right:3px;" />Upload File</a></td>
<td valign="top" width="3"><img src="/Reports/images/blank.gif" height="0" width="3" /></td>
<td width="100%"></td>
<td valign="middle"><a id="ui_btnSwitchView" class="msrs-buttonHeaderButton msrs-buttonHeaderText" title="Details View" href="http://SCCMserver:80/Reports/Pages/Folder.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us&ViewMode=Detail"
onmouseover="this.className='msrs-buttonHeaderButtonHover msrs-buttonHeaderText';" onmouseout="this.className='msrs-buttonHeaderButton msrs-buttonHeaderText';" style="display:inline-block;white-space:nowrap;padding-top:2px;padding-bottom:2px;padding-left:5px;padding-right:5px;text-decoration:none;"><img
align="absmiddle" title="Details View" src="/Reports/images/view_detail.gif" alt="Details View" style="border-style:None;height:16px;width:16px;border-width:0px;margin-right:3px;" />Details View</a></td>
<td valign="top" width="5"><img src="/Reports/images/blank.gif" height="0" width="5" /></td>
<td valign="top"> </td>
</tr>
</table>
</td>
</tr>
<tr class="msrs-toolbar_bottom" height="6">
<td valign="top"></td>
</tr>
</table>
</span><table width="100%" class="msrs-normal" cellpadding="0" cellspacing="0" TITLE="Items in en-us">
<tr>
<td valign="top" width="10"><img src="/Reports/images/blank.gif" height="0" width="10" /></td>
<td valign="top" width="100%"><table width="100%" class="msrs-normal" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" height="5px"></td>
</tr>
<tr>
<td valign="top"><Div class="msrs-tileView"><table id="ui_a0" class="msrs-UnSelectedItem" onclick="Clicked(event,'contextMenuCollection_ReportContextMenuIdDiv')"
onmouseover="ChangeReportItemStyleOnMouseOver('ui_a0', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onmouseout="ChangeReportItemStyleOnMouseOut('ui_a0', 'msrs-UnSelectedItem')" onfocus="ChangeReportItemStyleOnMouseOver('ui_a0', 'msrs-SelectedItem',
'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a0', 'msrs-UnSelectedItem')" onkeydown="OpenMenuKeyPress(event,'contextMenuCollection_ReportContextMenuIdDiv')" value="/Microsoft BitLocker Administration and
Monitoring/en-us/Computer Compliance Report">
<tr>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fComputer+Compliance+Report"
onmouseover="OnLink()" onmouseout="OffLink()" TabIndex="-1"><img src="/Reports/images/RB_document_32.gif" alt="Report" style="height:32px;width:32px;border-width:0px;visibility:visible;"
/></a></td>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fComputer+Compliance+Report"
onmouseover="OnLink()" onmouseout="OffLink()" onfocus="ChangeReportItemStyleOnMouseOver('ui_a0', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a0', 'msrs-UnSelectedItem')" class="msrs-itemName"
title="Computer Compliance Report">Computer Compliance Report</a></td>
<td width="20px;"><img src="/Reports/images/Menu1.gif" alt="Open Menu" /></td>
</tr>
</table>
</Div><Div class="msrs-tileView"><table id="ui_a1" class="msrs-UnSelectedItem" onclick="Clicked(event,'contextMenuCollection_ReportContextMenuIdDiv')"
onmouseover="ChangeReportItemStyleOnMouseOver('ui_a1', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onmouseout="ChangeReportItemStyleOnMouseOut('ui_a1', 'msrs-UnSelectedItem')" onfocus="ChangeReportItemStyleOnMouseOver('ui_a1', 'msrs-SelectedItem',
'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a1', 'msrs-UnSelectedItem')" onkeydown="OpenMenuKeyPress(event,'contextMenuCollection_ReportContextMenuIdDiv')" value="/Microsoft BitLocker Administration and
Monitoring/en-us/Enterprise Compliance Report">
<tr>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fEnterprise+Compliance+Report"
onmouseover="OnLink()" onmouseout="OffLink()" TabIndex="-1"><img src="/Reports/images/RB_document_32.gif" alt="Report" style="height:32px;width:32px;border-width:0px;visibility:visible;"
/></a></td>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fEnterprise+Compliance+Report"
onmouseover="OnLink()" onmouseout="OffLink()" onfocus="ChangeReportItemStyleOnMouseOver('ui_a1', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a1', 'msrs-UnSelectedItem')" class="msrs-itemName"
title="Enterprise Compliance Report">Enterprise Compliance Report</a></td>
<td width="20px;"><img src="/Reports/images/Menu1.gif" alt="Open Menu" /></td>
</tr>
</table>
</Div><Div class="msrs-tileView"><table id="ui_a2" class="msrs-UnSelectedItem" onclick="Clicked(event,'contextMenuCollection_ReportContextMenuIdDiv')"
onmouseover="ChangeReportItemStyleOnMouseOver('ui_a2', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onmouseout="ChangeReportItemStyleOnMouseOut('ui_a2', 'msrs-UnSelectedItem')" onfocus="ChangeReportItemStyleOnMouseOver('ui_a2', 'msrs-SelectedItem',
'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a2', 'msrs-UnSelectedItem')" onkeydown="OpenMenuKeyPress(event,'contextMenuCollection_ReportContextMenuIdDiv')" value="/Microsoft BitLocker Administration and
Monitoring/en-us/Recovery Audit Report">
<tr>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fRecovery+Audit+Report"
onmouseover="OnLink()" onmouseout="OffLink()" TabIndex="-1"><img src="/Reports/images/RB_document_32.gif" alt="Report" style="height:32px;width:32px;border-width:0px;visibility:visible;"
/></a></td>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fRecovery+Audit+Report"
onmouseover="OnLink()" onmouseout="OffLink()" onfocus="ChangeReportItemStyleOnMouseOver('ui_a2', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a2', 'msrs-UnSelectedItem')" class="msrs-itemName"
title="Recovery Audit Report">Recovery Audit Report</a></td>
<td width="20px;"><img src="/Reports/images/Menu1.gif" alt="Open Menu" /></td>
</tr>
</table>
</Div><Div class="msrs-tileView"><table id="ui_a3" class="msrs-UnSelectedItem" onclick="Clicked(event,'contextMenuCollection_ReportContextMenuIdDiv')"
onmouseover="ChangeReportItemStyleOnMouseOver('ui_a3', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onmouseout="ChangeReportItemStyleOnMouseOut('ui_a3', 'msrs-UnSelectedItem')" onfocus="ChangeReportItemStyleOnMouseOver('ui_a3', 'msrs-SelectedItem',
'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a3', 'msrs-UnSelectedItem')" onkeydown="OpenMenuKeyPress(event,'contextMenuCollection_ReportContextMenuIdDiv')" value="/Microsoft BitLocker Administration and
Monitoring/en-us/Volume Report">
<tr>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fVolume+Report" onmouseover="OnLink()"
onmouseout="OffLink()" TabIndex="-1"><img src="/Reports/images/RB_document_32.gif" alt="Report" style="height:32px;width:32px;border-width:0px;visibility:visible;" /></a></td>
<td><a href="/Reports/Pages/Report.aspx?ItemPath=%2fMicrosoft+BitLocker+Administration+and+Monitoring%2fen-us%2fVolume+Report" onmouseover="OnLink()"
onmouseout="OffLink()" onfocus="ChangeReportItemStyleOnMouseOver('ui_a3', 'msrs-SelectedItem', 'msrs-UnSelectedItem')" onblur="ChangeReportItemStyleOnMouseOut('ui_a3', 'msrs-UnSelectedItem')" class="msrs-itemName" title="Volume
Report">Volume Report</a></td>
<td width="20px;"><img src="/Reports/images/Menu1.gif" alt="Open Menu" /></td>
</tr>
</table>
</Div></td>
</tr>
</table>
</td>
<td valign="top" width="10"><img src="/Reports/images/blank.gif" height="0" width="10" /></td>
</tr>
</table>
<script language="Javascript" type="text/Javascript">var multiButtonList = [];</script></span></td>
</tr>
</table>
</span></td>
</tr>
</table>
</td>
</tr>
</table>
</span><div id="contextMenuCollection" class="msrs-MenuUIPopupBody" style="display:none;;">
<input name="contextMenuCollection$_selectedItemIdHiddenField" type="hidden" id="contextMenuCollection__selectedItemIdHiddenField" /><div id="contextMenuCollection_ReportContextMenuIdDiv" onkeydown="NavigateMenuKeyPress(event)">
<table cellpadding="0" cellspacing="0" class="msrs-MenuUI">
<tr>
<td><img class="msrs-MenuUIMinWidth" src="/Reports/images/blank.gif" style="border-width:0px;" /></td>
</tr>
<tr>
<td id="ui_rcmmove" class="msrs-MenuUIItemTableCell" group="0" underline="OGUL:0ReportContextMenuIdDiv" onmouseover="FocusContextMenuItem('ui_rcmmove','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');"
onmouseout="SwapStyle('ui_rcmmove','msrs-MenuUIItemTableCell');" onblur="SwapStyle('ui_rcmmove','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl05','')"><Span
class="msrs-menuItemImageContainer"></Span><Span class="msrs-menuItemLabelContainer">Move</Span></a></td>
</tr>
<tr>
<td id="ui_rcmdelete" class="msrs-MenuUIItemTableCell" group="0" onmouseover="FocusContextMenuItem('ui_rcmdelete','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');" onmouseout="SwapStyle('ui_rcmdelete','msrs-MenuUIItemTableCell');"
onblur="SwapStyle('ui_rcmdelete','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();return ShouldDelete('Are you sure you want to delete \u0022{0}\u0022?');" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl09','')"><Span
class="msrs-menuItemImageContainer"><img alt="" src="/Reports/images/delitem.gif" style="border-width:0px;" /></Span><Span class="msrs-menuItemLabelContainer">Delete</Span></a></td>
</tr>
<tr id="OGUL:0ReportContextMenuIdDiv">
<td><Div class="msrs-MenuUISeparator">#</Div></td>
</tr>
<tr>
<td id="ui_rcmmansub" class="msrs-MenuUIItemTableCell" group="1" underline="OGUL:1ReportContextMenuIdDiv" onmouseover="FocusContextMenuItem('ui_rcmmansub','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');"
onmouseout="SwapStyle('ui_rcmmansub','msrs-MenuUIItemTableCell');" onblur="SwapStyle('ui_rcmmansub','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl16','')"><Span
class="msrs-menuItemImageContainer"><img alt="" src="/Reports/images/subscription_report.gif" style="border-width:0px;" /></Span><Span class="msrs-menuItemLabelContainer">Subscribe...</Span></a></td>
</tr>
<tr>
<td id="ui_rcmclr" class="msrs-MenuUIItemTableCell" group="1" onmouseover="FocusContextMenuItem('ui_rcmclr','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');" onmouseout="SwapStyle('ui_rcmclr','msrs-MenuUIItemTableCell');"
onblur="SwapStyle('ui_rcmclr','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl21','')"><Span class="msrs-menuItemImageContainer"><img
alt="" src="/Reports/images/16linked.gif" style="border-width:0px;" /></Span><Span class="msrs-menuItemLabelContainer">Create Linked Report...</Span></a></td>
</tr>
<tr>
<td id="ui_rcmviewrh" class="msrs-MenuUIItemTableCell" group="1" onmouseover="FocusContextMenuItem('ui_rcmviewrh','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');" onmouseout="SwapStyle('ui_rcmviewrh','msrs-MenuUIItemTableCell');"
onblur="SwapStyle('ui_rcmviewrh','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl26','')"><Span class="msrs-menuItemImageContainer"></Span><Span
class="msrs-menuItemLabelContainer">View Report History</Span></a></td>
</tr>
<tr id="OGUL:1ReportContextMenuIdDiv">
<td><Div class="msrs-MenuUISeparator">#</Div></td>
</tr>
<tr>
<td id="ui_rcmsec" class="msrs-MenuUIItemTableCell" group="2" underline="OGUL:2ReportContextMenuIdDiv" onmouseover="FocusContextMenuItem('ui_rcmsec','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');"
onmouseout="SwapStyle('ui_rcmsec','msrs-MenuUIItemTableCell');" onblur="SwapStyle('ui_rcmsec','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl32','')"><Span
class="msrs-menuItemImageContainer"><img alt="" src="/Reports/images/security16.gif" style="border-width:0px;" /></Span><Span class="msrs-menuItemLabelContainer">Security</Span></a></td>
</tr>
<tr>
<td id="ui_rcmedit" class="msrs-MenuUIItemTableCell" group="2" onmouseover="FocusContextMenuItem('ui_rcmedit','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');" onmouseout="SwapStyle('ui_rcmedit','msrs-MenuUIItemTableCell');"
onblur="SwapStyle('ui_rcmedit','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl37','')"><Span class="msrs-menuItemImageContainer"></Span><Span
class="msrs-menuItemLabelContainer">Manage</Span></a></td>
</tr>
<tr>
<td id="ui_rcmdownload" class="msrs-MenuUIItemTableCell" group="2" onmouseover="FocusContextMenuItem('ui_rcmdownload','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');" onmouseout="SwapStyle('ui_rcmdownload','msrs-MenuUIItemTableCell');"
onblur="SwapStyle('ui_rcmdownload','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl41','')"><Span class="msrs-menuItemImageContainer"><img
alt="" src="/Reports/images/DownloadFile.gif" style="border-width:0px;" /></Span><Span class="msrs-menuItemLabelContainer">Download...</Span></a></td>
</tr>
<tr id="OGUL:2ReportContextMenuIdDiv">
<td><Div class="msrs-MenuUISeparator">#</Div></td>
</tr>
<tr>
<td id="ui_rcmeditrb" class="msrs-MenuUIItemTableCell" group="3" underline="OGUL:2ReportContextMenuIdDiv" onmouseover="FocusContextMenuItem('ui_rcmeditrb','msrs-MenuUIItemTableHover','msrs-MenuUIItemTableCell');"
onmouseout="SwapStyle('ui_rcmeditrb','msrs-MenuUIItemTableCell');" onblur="SwapStyle('ui_rcmeditrb','msrs-MenuUIItemTableCell');"><a onclick="HideMenu();" href="javascript:__doPostBack('contextMenuCollection$ReportContextMenuIdDiv$ctl48','')"><Span
class="msrs-menuItemImageContainer"><img alt="" src="/Reports/images/report_edit_01.gif" style="border-width:0px;" /></Span><Span class="msrs-menuItemLabelContainer">Edit
in Report Builder</Span></a></td>
</tr>
</table>
</div>
</div></form></BODY></HTML>
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.SqlServer.ReportingServices.ReportService2005.ReportingService2005.ListChildren(String Item, Boolean Recursive)
at Microsoft.Mbam.Setup.Common.ParameterValidation.IsValidSsrsUrlToMbamReports(Uri uri, Boolean testUri)
at Microsoft.Mbam.Setup.WebAdministration.HelpDeskProvider.CheckReportsUrl()
at Microsoft.Mbam.Setup.Common.ActionItemQueue.Run()
at Microsoft.Mbam.Setup.WebAdministration.WebProviderBase`1.CheckPrereqs(IProgress`1 progress, CancellationToken cancellationToken, T configuration)
at Microsoft.Mbam.Setup.Common.FeatureProviderBase`1.<>c__DisplayClass34`1.<InvokeAsync>b__33()
at System.Threading.Tasks.Task`1.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Mbam.Setup.Common.FeatureProviderBase`1.<InvokeAsync>d__36`1.MoveNext()</Data>
</EventData>
</Event>I finally found the problem.
I had the reporting services url wrong.
http://sccmserver/Reports (this connects successfully but is wrong.)
The wizard would say the path was wrong so I changed it by drilling further into the report server.
By selecting the Bitlocker folder.
Then the wizard stopped showing the red error wrong path but it turns out it was still the wrong path.
A bit misleading. I noticed on my SCCM server in the Reporting Services Configuration Manager under Report manager URL,
http://sccmserver/ReportServer Typed this in and finished the wizard for the first time. :) -
Need help removing MBAM 2.5 SCCM integration from SCCM 2012!!
Hi there,
I upgraded the infrastructure from MBAM 2.0 SP1 to MBAM 2.5. We have three server infrastructure. Everything is working fine except the computers wont show up under MBAM computer collection.
I am trying to remove MBAM 2.5 SCCM integration feature from my SCCM 2012 and reinstall it. When I try to uninstall it, it fails and says " setup failed to update MBAM. Fix the issue and run setup again.
For more information, review the setup log file.
This is the log file:
[13E8:1494][2015-04-09T10:27:30]i001: Burn v3.7.1224.0, Windows v6.2 (Build 9200: Service Pack 0), path: C:\ProgramData\Package Cache\{361e0078-625a-4d34-a8fd-7cac477cf297}\MbamServerSetup.exe, cmdline: '/uninstall -burn.unelevated BurnPipe.{614807DE-1C28-4AF6-9D35-D96A2C18F49F}
{4D8799C7-35F5-4852-8DD9-C9F1A150F41D} 5496'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_FATALEXIT' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_ERROR' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_WARNING' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_USER' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_INFO ' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_RESOLVESOURCE' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_OUTOFDISKSPACE' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_ACTIONSTART' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_ACTIONDATA' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_VERBOSE' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_PROPERTYDUMP' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Initializing numeric variable 'INSTALLLOGMODE_COMMONDATA' to value '1'
[13E8:1494][2015-04-09T10:27:30]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\PWAGHW~1\AppData\Local\Temp\Microsoft_BitLocker_Administration_and_Monitoring_20150409102730.log'
[13E8:1494][2015-04-09T10:27:30]i052: Condition 'VersionNT >= v6.1' evaluates to true.
[13E8:1494][2015-04-09T10:27:30]i000: Loading managed bootstrapper application.
[13E8:1494][2015-04-09T10:27:30]i000: Creating BA thread to run asynchronously.
[13E8:1924][2015-04-09T10:27:30]i000: Running WixBa
[13E8:1494][2015-04-09T10:27:30]i100: Detect begin, 1 packages
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISMBAM21ALREADYINSTALLED' to value 2
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISMBAM25ALREADYINSTALLED' to value 3
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISMBAMALREADYINSTALLED' to value 2
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISNETFRAMEWORK45' to value 1
[13E8:1494][2015-04-09T10:27:30]i101: Detected package: MBAMServer.msi, state: Present, cached: Complete
[13E8:1494][2015-04-09T10:27:30]i199: Detect complete, result: 0x0
[13E8:1494][2015-04-09T10:27:30]i100: Detect begin, 1 packages
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISMBAM21ALREADYINSTALLED' to value 2
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISMBAM25ALREADYINSTALLED' to value 3
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISMBAMALREADYINSTALLED' to value 2
[13E8:1494][2015-04-09T10:27:30]i000: Setting numeric variable 'ISNETFRAMEWORK45' to value 1
[13E8:1924][2015-04-09T10:27:30]i000: Creating a UI
[13E8:1494][2015-04-09T10:27:30]i101: Detected package: MBAMServer.msi, state: Present, cached: Complete
[13E8:1494][2015-04-09T10:27:31]i199: Detect complete, result: 0x0
[13E8:1924][2015-04-09T10:27:32]i000: SQM opt in:
[13E8:1924][2015-04-09T10:27:32]i000: MU opt in:
[13E8:1924][2015-04-09T10:27:32]i000: Installation Location:
[13E8:1494][2015-04-09T10:27:32]i200: Plan begin, 1 packages, action: Uninstall
[13E8:1494][2015-04-09T10:27:32]i000: Setting string variable 'WixBundleRollbackLog_MBAMServer.msi' to value 'C:\Users\PWAGHW~1\AppData\Local\Temp\Microsoft_BitLocker_Administration_and_Monitoring_20150409102730_0_MBAMServer.msi_rollback.log'
[13E8:1494][2015-04-09T10:27:32]i000: Setting string variable 'WixBundleLog_MBAMServer.msi' to value 'C:\Users\PWAGHW~1\AppData\Local\Temp\Microsoft_BitLocker_Administration_and_Monitoring_20150409102730_0_MBAMServer.msi.log'
[13E8:1494][2015-04-09T10:27:32]i201: Planned package: MBAMServer.msi, state: Present, default requested: Absent, ba requested: Absent, execute: Uninstall, rollback: Install, cache: No, uncache: Yes, dependency: Unregister
[13E8:1494][2015-04-09T10:27:32]i299: Plan complete, result: 0x0
[13E8:1494][2015-04-09T10:27:32]i300: Apply begin
[1578:0914][2015-04-09T10:27:32]i360: Creating a system restore point.
[1578:0914][2015-04-09T10:27:32]i362: System restore disabled, system restore point not created.
[1578:0914][2015-04-09T10:27:32]i326: Removed dependency: {361e0078-625a-4d34-a8fd-7cac477cf297} on package provider: {5F17D209-508F-4BFF-AE47-5C46BEE48C99}, package MBAMServer.msi
[1578:0914][2015-04-09T10:27:32]i329: Removed package dependency provider: {5F17D209-508F-4BFF-AE47-5C46BEE48C99}, package: MBAMServer.msi
[1578:0914][2015-04-09T10:27:32]i301: Applying execute package: MBAMServer.msi, action: Uninstall, path: C:\ProgramData\Package Cache\{5F17D209-508F-4BFF-AE47-5C46BEE48C99}v2.5.0244.0\MBAMServer.msi, arguments: ' ARPSYSTEMCOMPONENT="1" MSIFASTINSTALL="7"
INSTALLDIR="" OPTIN_FOR_MICROSOFT_UPDATES="" CEIPENABLED="" WIXFAILWHENDEFERRED="" FORCE_UNINSTALL=""'
[1578:0914][2015-04-09T10:27:35]e000: Error 0x80070643: Failed to uninstall MSI package.
[1578:0914][2015-04-09T10:27:35]e000: Error 0x80070643: Failed to execute MSI package.
[13E8:1494][2015-04-09T10:27:35]e000: Error 0x80070643: Failed to configure per-machine MSI package.
[13E8:1494][2015-04-09T10:27:35]i319: Applied execute package: MBAMServer.msi, result: 0x80070643, restart: None
[13E8:1494][2015-04-09T10:27:35]e000: Error 0x80070643: Failed to execute MSI package.
[1578:0914][2015-04-09T10:27:35]i318: Skipped rollback of package: MBAMServer.msi, action: Install, already: Present
[13E8:1494][2015-04-09T10:27:35]i319: Applied rollback package: MBAMServer.msi, result: 0x0, restart: None
[1578:0914][2015-04-09T10:27:35]i323: Registering package dependency provider: {5F17D209-508F-4BFF-AE47-5C46BEE48C99}, version: 2.5.0244.0, package: MBAMServer.msi
[1578:0914][2015-04-09T10:27:35]i325: Registering dependency: {361e0078-625a-4d34-a8fd-7cac477cf297} on package provider: {5F17D209-508F-4BFF-AE47-5C46BEE48C99}, package: MBAMServer.msi
[13E8:1494][2015-04-09T10:27:35]i399: Apply complete, result: 0x80070643, restart: None, ba requested restart: No
[13E8:1494][2015-04-09T10:29:52]i500: Shutting down, exit code: 0x80070643
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_ACTIONDATA = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_ACTIONSTART = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_COMMONDATA = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_ERROR = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_FATALEXIT = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_INFO = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_OUTOFDISKSPACE = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_PROPERTYDUMP = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_RESOLVESOURCE = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_USER = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_VERBOSE = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: INSTALLLOGMODE_WARNING = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: ISMBAM21ALREADYINSTALLED = 2
[13E8:1494][2015-04-09T10:29:52]i410: Variable: ISMBAM25ALREADYINSTALLED = 3
[13E8:1494][2015-04-09T10:29:52]i410: Variable: ISMBAMALREADYINSTALLED = 2
[13E8:1494][2015-04-09T10:29:52]i410: Variable: ISNETFRAMEWORK45 = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: VersionNT = 6.2.0.0
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleAction = 3
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleElevated = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleInstalled = 1
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleLog = C:\Users\PWAGHW~1\AppData\Local\Temp\Microsoft_BitLocker_Administration_and_Monitoring_20150409102730.log
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleLog_MBAMServer.msi = C:\Users\PWAGHW~1\AppData\Local\Temp\Microsoft_BitLocker_Administration_and_Monitoring_20150409102730_0_MBAMServer.msi.log
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleManufacturer = Microsoft Corporation
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleName = Microsoft BitLocker Administration and Monitoring
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleOriginalSource = C:\Users\pwaghwani\Desktop\mu_microsoft_desktop_optimization_pack_2014_r2_x86_x64_dvd_6110480\MBAM\MBAM 2.5\Installers\x64\MbamServerSetup.exe
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleProviderKey = {361e0078-625a-4d34-a8fd-7cac477cf297}
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleRollbackLog_MBAMServer.msi = C:\Users\PWAGHW~1\AppData\Local\Temp\Microsoft_BitLocker_Administration_and_Monitoring_20150409102730_0_MBAMServer.msi_rollback.log
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleTag =
[13E8:1494][2015-04-09T10:29:52]i410: Variable: WixBundleVersion = 2.5.244.0
[13E8:1494][2015-04-09T10:29:52]i007: Exit code: 0x80070643, restarting: No
Thanks for your help!!
Thanks, Prakash Waghwani Microsoft E-Learning Support Teamhave you tried to run it from an elavated prompt ?
/Oliver -
AD contains system Recovery Key, but not showing in MBAM.
I am in an environment with MBAM 1.0 installed. I built the MDT 2013 system here and am currently trying to figure out why the bitlocker keys are showing up in AD but not MBAM.
In MDT, I have disabled the "enable bitlocker" options so there shouldn't be a case where that the TPM ownership is wrong (I think). I do however set the
bios password with CCTK, then apply the default bios configuration with an ini via cctk. The bios sets and activates tpm just before the hard disk is formatted by LTI.
q1. Could setting the TPM without restarting cause the TPM ownership to be set to the PE in some weird way.
q1.1. would I clear the tpm if this is the issue?
So MBAM client is installed on the reference image and captured by MDT. The WIM is then deployed to a system using a standard TS with the bitlocker disabled like
I mentioned above. I do not make any changes to reg for mbam in the reference image. For testing, I tried adding the mbam recovery key location url to the reference image reg. I still need to test that but a few other tests I did makes me believe this
is not the case.
MDT binds the system to a default OU in the domain. After the system is configured, I start Bitlocker. (Sometimes I start bitlocker when the system is in the default
OU, sometimes I start it after I move them into the right ou for the role). I am almost positive the default OU has the mbam settings (I do not have access to this gpo), since the manage-bde -status comes back AES 128 with diffuser (as compared to regular
aes 128).
After bitlocker finishes, the key is found in AD but not mbam.
I think the major questions I have are:
How can I force MBAM to take ownership of the TPM after the os is bitlockered? (about 100/700 machines are not reporting to mbam but are to bitlocker because of this new deployment system)
If I turn TPM on and activate while I was in the PE, would that mean the PE has the TPM ownership? (or bitlocker in this case, since mbam is not installed on the PE)
- Could I install MBAM on the PE and use that to manage the tpm? (MDT 2013) (I have seen some documents that cover this but it largely comes from wanting a pre-provisioned bitlocker.)
** I think the most manual way of correcting the issue I am having, is to either clear the tpm and rebitlocker, or
.. when a system is about to image, turn tpm on but leave it deactivated. (If I leave the tpm deactivated, every system will need to be manually rebooted and f10 will need to be pressed to continue the bitlocker process. this includeds
a user login too)Keep the MBAM out of the .wim! Install it in task sequence.
MBAM Client has its own log files in event viewer, there you perhaps find the reason why recovery key is not stored in DP. But fix your image first, keep it thin. -
Hi All,
Our Organisation has decided to go with MBAM, Here is the back ground of our setup
1. Windows 2008 R2 Server will be used for Group Policy Mgmt Workstation and Management Web Interface
2. SQL Server with 3 database, Audit, Recovery and AuditRepor. (Please note that this SQL Server is Sharing other Application database as well)
We have started the installation of MBAM on Windows 2008 R2 Server, we have completed all the pre-requsites, but stuck up while configuring the SRS services, the SRS services are not configured on SQL server.
So my question
1. is it possible to skip the SRS step and continue with installation? Once the SQL team configure the SRS on SQL server we will complete the SRS part
2. Is there any other alertnative to complete the installation.
Thanks
AG
Thanks HAYes, you need as a first step to run the MBAM setup on the SQL server in order to create the databases and the reports properly with the good rights on them.
Regards,
Follow me on Twitter http://www.twitter.com/liontux | My Blog (French/English) :
http://security.sakuranohana.fr/ -
MBAM will not auto encrypt the system partition
First after reimaging, I need to use tpm.msc to prepare the TPM, as the TPM is running in reduced functionality. The computer reboots and clears the TPM. After the reboot, the logs no longer show any new errors.
However if the option “Configure the number of noncompliance grace period days for operating system drives” is set to zero; nothing ever happens. There are no errors in the logs.
If “Configure the number of noncompliance grace period days for operating system drives” is unconfigured. The user is prompted to encrypt, if the user choses to encrypt everything works correctly.
We are using HP Probook 6545b notebooks
Below you see the MBAM policy.
I must have missed something in the BIOS or the policy, but what?I have checked the MBAM node in Event Viewer, policies are applying successfully. We are not using a PIN. I am beginning to believe this is a hardware limitation. As on a newer notebook I only needed to use TPM.msc to manually, prepare the TPM and after
reboot automatic encryption began. I need to solve the issue with manually needing to prepare the TPM. -
MBAM installation fails with 1603 error
I have a Windows 7 Enterprise client computer that I am attempting to install the MBAM client. The installation fails reporting a 1603 error. There are three areas in the installation log where I receive a return value 3:
Exit: MBAMClientCAs.dll : PostInstall
MSI (s) (10:EC) [08:36:37:653]: Closing MSIHANDLE (139) of type 790536 for thread 6612
CustomAction MbamWmiProvidersInstallCustomAction returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
MSI (s) (10:D4) [08:36:37:685]: User policy value 'DisableRollback' is 0
MSI (s) (10:D4) [08:36:37:685]: Machine policy value 'DisableRollback' is 0
Action ended 8:36:37: InstallFinalize. Return value 3.
MSI (s) (10:D4) [08:36:42:146]: MsiProvideAssembly is returning: 1607
MSI (s) (10:D4) [08:36:42:333]: Note: 1: 2318 2:
MSI (s) (10:D4) [08:36:42:333]: No System Restore sequence number for this installation.
MSI (s) (10:D4) [08:36:42:333]: Unlocking Server
MSI (s) (10:D4) [08:36:42:349]: PROPERTY CHANGE: Deleting UpdateStarted property. Its current value is '1'.
Action ended 8:36:42: INSTALL. Return value 3.
MSI (s) (10:8C) [08:36:42:427]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (s) (10:8C) [08:36:42:427]: Restoring environment variables
MSI (s) (10:8C) [08:36:42:427]: Destroying RemoteAPI object.
MSI (s) (10:DC) [08:36:42:427]: Custom Action Manager thread ending.
MSI (c) (B4:BC) [08:36:42:427]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (B4:BC) [08:36:42:427]: MainEngineThread is returning 1603.
The lines preceding the first return value 3:
Entry: RunMofComp
MSI (s) (10!F4) [08:36:37:045]: Closing MSIHANDLE (148) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:061]: Creating MSIHANDLE (149) of type 790531 for thread 6900
RunMofComp: mofcomp command line: 'mofcomp.exe "C:\WINDOWS\TEMP\dzorig55.1u0.mof"'
MSI (s) (10!F4) [08:36:37:061]: Closing MSIHANDLE (149) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:061]: Creating MSIHANDLE (150) of type 790531 for thread 6900
PreUninstallDeRegister: Ignorable Win32Exception thrown: System.ComponentModel.Win32Exception: The system cannot find the file specified
at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)
at System.Diagnostics.Process.Start()
at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
at Microsoft.BitLockerManagement.ClientInstaller.CustomActions.RunMofComp(Session session, String mofFilePath)
at Microsoft.BitLockerManagement.ClientInstaller.CustomActions.PreUninstallDeRegister(Session session)
MSI (s) (10!F4) [08:36:37:061]: Closing MSIHANDLE (150) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:357]: Creating MSIHANDLE (151) of type 790531 for thread 6900
Exit: PreUninstallDeRegister
MSI (s) (10!F4) [08:36:37:357]: Closing MSIHANDLE (151) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:357]: Creating MSIHANDLE (152) of type 790531 for thread 6900
PostInstallRegister: Assembly to install: 'C:\WINDOWS\assembly\GAC_MSIL\Microsoft.BitLockerManagement.WmiProviders\2.5.244.0__31bf3856ad364e35\Microsoft.BitLockerManagement.WmiProviders.dll'
MSI (s) (10!F4) [08:36:37:357]: Closing MSIHANDLE (152) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:357]: Creating MSIHANDLE (153) of type 790531 for thread 6900
PostInstallRegister: CLR version: 'v2.0.50727'
MSI (s) (10!F4) [08:36:37:357]: Closing MSIHANDLE (153) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (154) of type 790531 for thread 6900
PostInstallRegister: Generating MOF file: 'C:\Program Files\Microsoft\MDOP MBAM\Microsoft.BitLockerManagement.WmiProviders.mof'
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (154) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (155) of type 790531 for thread 6900
PostInstallRegister: MOF generation finished
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (155) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (156) of type 790531 for thread 6900
PostInstallRegister: Post processing MOF file
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (156) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (157) of type 790531 for thread 6900
PostInstallRegister: Running mofcomp.exe
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (157) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (158) of type 790531 for thread 6900
Entry: RunMofComp
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (158) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (159) of type 790531 for thread 6900
RunMofComp: mofcomp command line: 'mofcomp.exe "C:\Program Files\Microsoft\MDOP MBAM\Microsoft.BitLockerManagement.WmiProviders.mof"'
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (159) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (160) of type 790531 for thread 6900
PostInstallRegister exception System.ComponentModel.Win32Exception: The system cannot find the file specified
at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)
at System.Diagnostics.Process.Start()
at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
at Microsoft.BitLockerManagement.ClientInstaller.CustomActions.RunMofComp(Session session, String mofFilePath)
at Microsoft.BitLockerManagement.ClientInstaller.CustomActions.PostInstallRegister(Session session)
MSI (s) (10!F4) [08:36:37:638]: Closing MSIHANDLE (160) of type 790531 for thread 6900
MSI (s) (10!F4) [08:36:37:638]: Creating MSIHANDLE (161) of type 790531 for thread 6900
Exit: PostInstallRegister
MSI (s) (10!F4) [08:36:37:653]: Closing MSIHANDLE (161) of type 790531 for thread 6900
Exit: MBAMClientCAs.dll : PostInstall
MSI (s) (10:EC) [08:36:37:653]: Closing MSIHANDLE (139) of type 790536 for thread 6612
CustomAction MbamWmiProvidersInstallCustomAction returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
MSI (s) (10:D4) [08:36:37:685]: User policy value 'DisableRollback' is 0
MSI (s) (10:D4) [08:36:37:685]: Machine policy value 'DisableRollback' is 0
Action ended 8:36:37: InstallFinalize. Return value 3.
This appears to be an isolated problem, but I haven't been able to resolve this failed installation. Any help would be greatly appreciated.
Thanks!Hi,
Have you look at this knowledge base article:
You receive an "error 1603: A fatal error occurred during installation" error message when you try to install a Windows Installer package
http://support2.microsoft.com/kb/834484
Meanwhile, please seek for professional help from this forum:
https://social.technet.microsoft.com/Forums/windows/en-US/home?forum=mdopmbam
Karen Hu
TechNet Community Support -
TPM password not found in MBAM database
There are other threads I have read through and did some troubleshooting, but still I´m stuck with this, how to get TPM password in MBAM database. Another question is, do I really need it? Isn´t recovery key enough?
My situation is this:
1. Computers are encrypted during Task Sequence and MBAM client is installed.
2. During first logon MBAM client promts for PIN and encryption is complete.
3. Bitlocker recovery key is found in MBAM Admin Web page, but not TPM password.
What I tried to do:
- There is no Group Policy for controling TPM password.
- I´m member of MBAM Admin group and Helpdesk groups.
- If I clear and initialize TPM from its mgmt console, there will not be any activity from MBAM client, and TPM password still does not go to DB
- I have checked from SQL mgmt studio, that TPM hash is NULL
- I tried to use TPM-EK vbs script before and after encryption, there is no effect.
So how to get TPM password to DP? Specially I´m intresting in scenario where Computer is already encrypted.MBAM has to own the TPM to store the password. During a task sequence, follow the steps below. The steps assume pre-provisioning, but the concept is the same even if you don't use it. If the machine is already encrypted and you want MBAM to store the
password, you will have to clear the TPM and reboot. Note that this requires physical presence - someone will have to hit F1 in the preboot screen. See below for info on how to clear it via PowerShell. The reason you want the TPM OwnerAuth password is
that if a user types their PIN too many times in preboot, the TPM may put the machine into BitLocker Recovery and lock itself for some period of time (depends on manufacturer). To unlock it faster after you have supplied the BitLocker Recovery Password
and are in the OS, you have to go to tpm.msc and choose Reset TPM Lockout, supplying the TPM Owner Auth password. If MBAM stores it, you can get this info from the Helpdesk portal.
To configure MBAM to own the TPM and store OwnerAuth passwords
On the client computer, open an elevated Windows PowerShell command prompt.
Type the following Windows PowerShell commands:
Command
Description
$tpm=get-wmiobject -class Win32_Tpm -namespace root\cimv2\security\microsofttpm
Gets an instance of the TPM WMI class.
$tpm.DisableAutoProvisioning()
Disables TPM auto-provisioning.
$tpm. SetPhysicalPresenceRequest(22)
Clears the TPM.
Restart the computer, and then confirm that you want to clear the TPM.
For the task sequence to get MBAM to own it out of the box, do the following:
Capture and sysprep a WIM as you normally would.
Mount the captured WIM using
dism /mount-wim /wimfile:C:\WimImages\Win7.wim
/index:1 /mountdir:C:\AIKMount
Load the WIM registry -
reg load
HKLM\WimRegistry
c:\AIKMount\windows\system32\config\system
Open regedit and browse to hklm\WimRegistry\system\controlset001\services\TPM\WMI and add the two reg keys that
Jim mentioned
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tpm\WMI: NoAutoProvision [REG_DWORD]
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tpm\WMI: NoDisableOwnerClear [REG_DWORD]
Close regedit
Unload the WIM registry -
reg unload HKLM\WimRegistry
Commit changes to the WIM and unmount -
dism /unmount-wim /mountdir:C:\AIKMount
/commit
Went to MDT 2012 Update 1 and my deployment share.
Edited the ZTIBDE.wsf script in MDT to tell it not to take ownership of the TPM.
In that script, replace the TPMValidate function with what I have below (I just commented out the SetTPMOwner lines)
Function TpmValidate ()
Dim iRetVal, sCmd, sTpmOwnerPassword
iRetVal = Success
'// Set oTpm to valid instance
iRetVal = GetTpmInstance()
TestAndFail iRetVal, 6734, "Get TPM Instance"
'// Set global booleans for TPM state. Error bubble handled by subs
iRetVal = GetTpmEnabled()
TestAndFail iRetVal, 6735, "Check to see if TPM is enabled"
iRetVal = GetTpmActivated()
TestAndFail iRetVal, 6736, "Check to see if TPM is activated"
iRetVal = GetTpmOwner()
TestAndFail iRetVal, 6737, "Check to see if TPM is owned"
iRetVal = GetTpmOwnershipAllowed()
TestAndFail iRetVal, 6738, "Check to see if TPM Ownership is allowed"
iRetVal = GetEndorsementKeyPairPresent()
oLogging.CreateEntry "TpmEnabled: " & bTpmEnabled, LogTypeInfo
oLogging.CreateEntry "TpmActivated: " & bTpmActivated, LogTypeInfo
oLogging.CreateEntry "TpmOwned: " & bTpmOwned, LogTypeInfo
oLogging.CreateEntry "TpmOwnershipAllowed: " & bTpmOwnershipAllowed, LogTypeInfo
oLogging.CreateEntry "EndorsementKeyPairPresent: " & bEndorsementKeyPairPresent, LogTypeInfo
'// Single instance check to allow future corrective action branching.
TestAndFail bTPMEnabled, 6739, "Check to see if TPM is enabled"
TestAndFail bTPMActivated, 6740, "Check to see if TPM is activated"
TestAndFail bTpmOwned or bTpmOwnershipAllowed , 6741, "Check to see if TPM is owned and ownership is allowed"
If bTpmOwned <> True AND bTpmOwnershipAllowed = True Then
If oEnvironment.Item("TpmOwnerPassword") <> "" Then
oLogging.CreateEntry "TPM Ownership being intiated.", LogTypeInfo
'iRetVal = SetTpmOwner(oEnvironment.Item("TpmOwnerPassword"))
TestAndFail iRetVal, 6741, "TPM Owner Password set"
ElseIf oEnvironment.Item("AdminPassword") <> "" Then
oLogging.CreateEntry "TPM Ownership being intiated with AdminP@ssword (not TPMOwnerP@ssword).", LogTypeInfo
'iRetVal = SetTpmOwner(oEnvironment.Item("AdminPassword"))
TestAndFail iRetVal, 6742, "TPM Owner P@ssword set to AdminP@ssword"
Else
oLogging.CreateEntry "TPM Ownership being intiated with Default p@ssword (not TPMOwnerP@ssword).", LogTypeInfo
'iRetVal = SetTpmOwner("M0nksH00d!4T3al")
TestAndFail iRetVal, 6743, "Set TPM Owner P@ssword to value"
End If
End If
TpmValidate = Success
End Function
Grab the StartMBAMEncryption.wsf script from
here
and edit out those same lines as above.
Added the following files to an MDT application.
Set the app to run cscript.exe startmbamencryption.wsf /MBAMServiceEndPoint:http://<yourmbamserver>/MBAMRecoveryAndHardwareService/CoreService.svc
Added the MBAM agent installer as an application
Added the MBAM agent to the task sequence
Added the Start MBAM Encryption app to the task sequence
Set OSDBitLockerMode=TPM and IsBDE=True in customsettings.ini
Made sure this was a bare metal machine where the TPM was clear (for testing, you can clear it from the BIOS, just make sure it is activated).
Ran the TS on the box.
Result:
BitLocker was pre-provisioned and activated, and MBAM took ownership of the TPM which escrowed the OwnerAuth info to MBAM. -
Would like to move the MBAM reports up a level in the folder structure
We have MBAM 2.5 using CfgMgr 2012 integration all set up and working. In the reports I had this structure:
-Reports
--MBAM
---en-us
----Compliance Details
----Compliance Summary
----Compliance
----Compliance Dashboard
To save one level of drilling down, I moved the reports out of the en-us folder, up in to the
MBAM folder (and then deleted the en-us folder). All four reports still open just fine, but when I click on one of the pie slices in the Dashboard, I get this error:
The item '/ConfigMgr_CM1/MBAM/en-US/BitLocker Enterprise Compliance Details' cannot be found. (rsItemNotFound)
Looking at the path in the error, it's understandable why this blows up, so I need to edit the pie slices' links such that they leave out the reference to
en-us.
How/where do I do this? Or should I just move the reports back to where they came from? (And if I should move them back, how/where do I recreate the
en-us folder?
Thanks much for any assistance.
BondGI moved the reports and then deleted the en-us folder from within my SCCM Reports portal in IE (http://mySCCMsvr/Reports/)
These options are supposed to be in the RIGHT click menu, but half the time I LEFT click, the RIGHT click menu appears. One day when it appeared, I decided to save myself the extra drilling down.
You are correct, I can recreate the folder here, in fact, I just created the folder and moved the reports back, thus fixing the broken pie slices. However, I'd prefer remove this folder unless it's not possible (or inordinately difficult)
to edit the report to get the drill-down functionality back on the pie slices.
For this one set of reports I could learn to live with the extra level of the en-us folder, but there are other places I'd like to edit things.
BondG -
Error 1603 While installing the MBAM server 2.0 SP1
Hi,
I am getting some error while installing the MBAM 2.0 SP1 server. I gone through the Logs below the logs.
what is solution for this issue. I have installed recovery, Audit and Reporting MBAM DB on other server and while trying to install Self service portal and Administration & Monitoring Server am getting below error.
Can any one help me.
roperty(S): LogonUser = BOMSVCBTK
Property(S): UserSID = S-1-5-21-462901161-2028365903-2773613984-13552
Property(S): UserLanguageID = 1033
Property(S): ComputerName = BOMVMSSIPS01
Property(S): SystemLanguageID = 1033
Property(S): ScreenX = 1024
Property(S): ScreenY = 768
Property(S): CaptionHeight = 23
Property(S): BorderTop = 1
Property(S): BorderSide = 1
Property(S): TextHeight = 16
Property(S): TextInternalLeading = 3
Property(S): ColorBits = 32
Property(S): TTCSupport = 1
Property(S): Time = 11:57:33
Property(S): Date = 4/1/2014
Property(S): MsiNetAssemblySupport = 4.0.30319.17929
Property(S): MsiWin32AssemblySupport = 6.2.9200.16384
Property(S): RedirectedDllSupport = 2
Property(S): MsiRunningElevated = 1
Property(S): DATABASE = C:\Windows\Installer\73650.msi
Property(S): OriginalDatabase = C:\Users\BOMSVC~1\AppData\Local\Temp\MBAMServer.2.1.0117.0.msi
Property(S): UILevel = 5
Property(S): Preselected = 1
Property(S): CostingComplete = 1
Property(S): OutOfDiskSpace = 0
Property(S): OutOfNoRbDiskSpace = 0
Property(S): PrimaryVolumeSpaceAvailable = 0
Property(S): PrimaryVolumeSpaceRequired = 0
Property(S): PrimaryVolumeSpaceRemaining = 0
Property(S): CurrentUser = KALPATARUGROUP\S-1-5-21-462901161-2028365903-2773613984-13552
Property(S): SOURCEDIR = C:\Users\BOMSVC~1\AppData\Local\Temp\
Property(S): SourcedirProduct = {D81934D7-20FC-46A9-9F2D-009961EAAA33}
Property(S): CompRepURLFolder = Microsoft+BitLocker+Administration+and+Monitoring
Property(S): ProductToBeRegistered = 1
MSI (s) (64:6C) [11:57:33:423]: MainEngineThread is returning 1603
MSI (s) (64:C8) [11:57:33:423]: RESTART MANAGER: Session closed.
MSI (s) (64:C8) [11:57:33:423]: No System Restore sequence number for this installation.
MSI (s) (64:C8) [11:57:33:439]: User policy value 'DisableRollback' is 0
MSI (s) (64:C8) [11:57:33:439]: Machine policy value 'DisableRollback' is 0
MSI (s) (64:C8) [11:57:33:439]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (64:C8) [11:57:33:439]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (64:C8) [11:57:33:439]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (64:C8) [11:57:33:439]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (s) (64:C8) [11:57:33:454]: Destroying RemoteAPI object.
MSI (s) (64:B4) [11:57:33:454]: Custom Action Manager thread ending.
MSI (c) (C4:BC) [11:57:33:454]: Back from server. Return value: 1603
MSI (c) (C4:BC) [11:57:33:454]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (C4:BC) [11:57:33:454]: PROPERTY CHANGE: Deleting SECONDSEQUENCE property. Its current value is '1'.
Action ended 11:57:33: ExecuteAction. Return value 3.
MSI (c) (C4:BC) [11:57:33:454]: Doing action: FatalError
Action 11:57:33: FatalError.
Action start 11:57:33: FatalError.
VM-
Shailendra DevIs the user a member of local administrator group on MBAM web server.
Can you share the complete log files publicly on Google drive or share drive or drop box?
What exact steps you are doing for the installation. Have you completed all of the pre-requisites?
Gaurav Ranjan -
SQL Error on MBAM ISS server while MBAM client encryption
Hi
While I am starting the encryption through MBAM client getting below error..
unable to connect to the MBAM recovery and hardware service
An error occurred while sending encryption status data
for resolve this issue I have done the
http://support.microsoft.com/kb/2612822?wa=wsignin1.0
Also on MBAM server (where Self service and monitoring components installed)I am getting below SQl error while encryption starts on MBAM client machines. can you please suggest for resolve this issue
Error:-
Log Name: Application
Source: ASP.NET 2.0.50727.0
Date: 4/2/2014 2:50:15 PM
Event ID: 1310
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: BOMVMSSIPS01.KALPATARUGROUP.COM
Description:
Event code: 100002
Event message: SQL error occured
Event time: 4/2/2014 2:50:15 PM
Event time (UTC): 4/2/2014 9:20:15 AM
Event ID: 502b42574bbf4c95b66fea631dbf3428
Event sequence: 42
Event occurrence: 41
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/MBAMComplianceStatusService-1-130409000569502687
Trust level: Full
Application Virtual Path: /MBAMComplianceStatusService
Application Path: C:\inetpub\Microsoft BitLocker Management Solution\Compliance Status Service\
Machine name: BOMVMSSIPS01
Process information:
Process ID: 2580
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: SqlException
Exception message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured
to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)
Request information:
Request URL:
Request path:
User host address:
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 15
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, SqlConnection owningObject,
Boolean withFailover)
at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject, Boolean withFailover)
at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart)
at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.MBAM.ReportingService.DataProcessor.ProcessStatusReportInfo(StatusInfoType reportInfo)
Custom event details:
Application: MBAMComplianceStatusService
Sql Server:
Database: MBAM Compliance Status
Sql ErrorCode: -1
Error Message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured
to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ASP.NET 2.0.50727.0" />
<EventID Qualifiers="32768">1310</EventID>
<Level>3</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-04-02T09:20:15.000000000Z" />
<EventRecordID>9161</EventRecordID>
<Channel>Application</Channel>
<Computer>BOMVMSSIPS01.KALPATARUGROUP.COM</Computer>
<Security />
</System>
<EventData>
<Data>100002</Data>
<Data>SQL error occured</Data>
<Data>4/2/2014 2:50:15 PM</Data>
<Data>4/2/2014 9:20:15 AM</Data>
<Data>502b42574bbf4c95b66fea631dbf3428</Data>
<Data>42</Data>
<Data>41</Data>
<Data>0</Data>
<Data>/LM/W3SVC/2/ROOT/MBAMComplianceStatusService-1-130409000569502687</Data>
<Data>Full</Data>
<Data>/MBAMComplianceStatusService</Data>
<Data>C:\inetpub\Microsoft BitLocker Management Solution\Compliance Status Service\</Data>
<Data>BOMVMSSIPS01</Data>
<Data> Application: MBAMComplianceStatusService
Sql Server:
Database: MBAM Compliance Status
Sql ErrorCode: -1
Error Message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured
to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)
</Data>
<Data>2580</Data>
<Data>w3wp.exe</Data>
<Data>NT AUTHORITY\NETWORK SERVICE</Data>
<Data>SqlException</Data>
<Data>A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to
allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)</Data>
<Data>
</Data>
<Data>
</Data>
<Data>
</Data>
<Data>
</Data>
<Data>False</Data>
<Data>
</Data>
<Data>NT AUTHORITY\NETWORK SERVICE</Data>
<Data>15</Data>
<Data>NT AUTHORITY\NETWORK SERVICE</Data>
<Data>False</Data>
<Data> at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, SqlConnection owningObject,
Boolean withFailover)
at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject, Boolean withFailover)
at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart)
at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.MBAM.ReportingService.DataProcessor.ProcessStatusReportInfo(StatusInfoType reportInfo)
</Data>
</EventData>
</Event>
Shailendra DevYou are using Java import syntax. You should use @page directive in JSP pages. Refer to: http://java.sun.com/products/jsp/syntax/2.0/syntaxref2010.html
[The line "org.apache.jasper.JasperException: /result.jsp(1,4) Invalid directive"
in the stack trace tells you that there is no @import directive] -
MBAM server issues connecting to SQL database
Hi,
I've recently setup and configured MBAM, however the Application Log on the MBAM server shows lots of the following errors:
Event code: 100002
Event message: SQL error occured
Event time: 05/10/2011 3:55:55 PM
Event time (UTC): 05/10/2011 7:55:55 AM
Event ID: 85c2614c7ff44f91b511b228aa6063a4
Event sequence: 16
Event occurrence: 15
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/MBAMComplianceStatusService-1-129622739405401050
Trust level: Full
Application Virtual Path: /MBAMComplianceStatusService
Application Path: C:\inetpub\Malta BitLocker Management Solution\MBAM Compliance Status Service\
Machine name: HZL-MAN-016
Process information:
Process ID: 780
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: SqlException
Exception message: Login failed for user 'DOMAIN\HZL-MAN-016$'.
Request information:
Request URL:
Request path:
User host address:
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 3
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject)
at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart)
at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.MBAM.ReportingService.DataProcessor.ProcessStatusReportInfo(StatusInfoType reportInfo)
Custom event details:
Application: MBAMComplianceStatusService
Sql Server: HZLSQL05
Database: MBAM Compliance Status
Sql ErrorCode: 18456
Error Message: Login failed for user 'DOMAIN\HZL-MAN-016$'.
Can anyone help ? The SQL server that hosts the MBAM databases shows the following logs:
Login failed for user 'DOMAIN\HZL-MAN-016$'. [CLIENT: xxx.xxx.xxx.64]
Thanksjust noticed in the Details view of the Event 18456 on the SQL server that it references the master database, do I need to do anything to the master database to make this work ? Error below:
+
System
Provider
[ Name]
MSSQLSERVER
EventID
18456
[ Qualifiers]
49152
Level
0
Task
4
Keywords
0x90000000000000
TimeCreated
[ SystemTime]
2011-10-18T01:12:37.000000000Z
EventRecordID
1515127
Channel
Application
Computer
HZLSQL05.int.bgc-contracting.com.au
Security
[ UserID]
S-1-5-21-1183060287-1205496975-829235722-104624
EventData
BGCCP\HZL-MAN-016$
[CLIENT: 172.xxx.xxx.xxx]
184800000E0000000900000048005A004C00530051004C00300035000000070000006D00610073007400650072000000
Binary data:
In Words
0000: 00004818 0000000E 00000009 005A0048
0008: 0053004C 004C0051 00350030 00070000
0010: 006D0000 00730061 00650074 00000072
In Bytes
0000: 18 48 00 00 0E 00 00 00 .H......
0008: 09 00 00 00 48 00 5A 00 ....H.Z.
0010: 4C 00 53 00 51 00 4C 00 L.S.Q.L.
0018: 30 00 35 00 00 00 07 00 0.5.....
0020: 00 00 6D 00 61 00 73 00 ..m.a.s.
0028: 74 00 65 00 72 00 00 00 t.e.r... -
Upgrading from MBAM 1.0 to 2.5 on the Administration and Monitoring server (database server already upgraded). To upgrade the administration server, I uninstalled MBAM 1.0 -> Deleted the MBAM website from IIS manually -> Reboot -> Installed MBAM
2.5. After upgrade if I go to selfservice portal via
https://myserver.mycompany.com/selfservice, I get this error:
Server Error in '/SelfService' Application.
Could not load file or assembly 'System.Web.WebPages.Razor,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its
dependencies. The system cannot find the file specified.
Description:
An unhandled exception occurred during the execution of the current web
request. Please review the stack trace for more information about the error and
where it originated in the code.
Exception Details:
System.IO.FileNotFoundException: Could not load file or assembly
'System.Web.WebPages.Razor, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot
find the file specified.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.
Stack Trace:
[FileNotFoundException: Could not load file or assembly 'System.Web.WebPages.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.]
System.Web.Mvc.PreApplicationStartCode.Start() +0
[InvalidOperationException: The pre-application start initialization method Start on type System.Web.Mvc.PreApplicationStartCode threw an exception with the following error message: Could not load file or assembly 'System.Web.WebPages.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified..]
System.Web.Compilation.BuildManager.InvokePreStartInitMethodsCore(ICollection`1 methods, Func`1 setHostingEnvironmentCultures) +12980619
System.Web.Compilation.BuildManager.InvokePreStartInitMethods(ICollection`1 methods) +12980328
System.Web.Compilation.BuildManager.CallPreStartInitMethods(String preStartInitListPath, Boolean& isRefAssemblyLoaded) +280
System.Web.Compilation.BuildManager.ExecutePreAppStart() +172
System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +1151
[HttpException (0x80004005): The pre-application start initialization method Start on type System.Web.Mvc.PreApplicationStartCode threw an exception with the following error message: Could not load file or assembly 'System.Web.WebPages.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified..]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +12979668
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +159
System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +12819261
Anyone know how to solve this? Thanks in advanceSorry for late response. I fixed the issue by installing the correct version of ASP .NET 4 from
here.
If .NET Framework 4.5 is already installed, also run aspnet_regiis -i from C:\windows\microsoft.net\Framework\v4.0.30319 -
Windows 8.1 Device Encryption and MBAM
According to this TechNet article http://technet.microsoft.com/en-us/library/dn306081.aspx Windows 8.1 now has a feature called device encryption that will encrypt the drive
after windows installation. It says in the above TechNet article that "If you have configured this Group
Policy setting with the option Save BitLocker recovery information to Active Directory Domain
Services unchecked, device encryption will be prevented because device encryption requires that the recovery password be backed up to AD DS if the device
is domain-joined." Is there any way to get MDOP 2014 (mainly MBAM 2.5) to put the recovery key on our MBAM server? We are currently using MBAM 1.0 and are planning to upgrade. If this request is possible then it will accelerate our upgrade plans.
Thanks for your help!Hi,
MBAM stores the recovery key in the MBAM database. You have to configure GPO using the MBAM admx files and install MBAM Client on your target machines.
/Oliver -
MBAM 1.0 and Windows 8.1
Hello,
Is it possible and supported to install MBAM 1.0 on Windows 8.1 Enterprise?
Thanks,
Nick.No. you will need at least MBAM 2.0 SP1 to encrypt the windows 8.1 machine, here are release notes for MBAM 2.0 SP1 for more information, http://technet.microsoft.com/en-us/library/dn505770.aspx
Mayank Sharma Support Engineer at Microsoft working in Enterprise Platform Support. -
Recovery key from MBAM for non TPM machines
Hi,
Since long time am trying to find answer about below query but unlucky , can some one guide me if this is feasiable or not?
1. I have non TPM Machines and want to use Bitlocker with MBAM.
2. if I will use the USB flash driver as start-up key during machine start-up than can we get the recovery key from MBAM (self service or helpdesk portal) if I lost the USB flash drive ?
Shailendra DevHi,
For Windows 7 computers TPM is a requirement for Windows 8 / 8.1 it is not, so it depends in what client OS you want to manage.
See the documentation:
http://technet.microsoft.com/en-us/library/dn145046.aspx
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec
Maybe you are looking for
-
Active Directory accounts no longer connect to Server
I administrate a small office network. We have a Windows 2000 Server with active directory and a Windows 2003 Storage Server Appliance. (From Iomega) After upgrading to 10.4.8 (it seems), our Mac integrated to the Active Directory has had problems co
-
Tasks not synching right.
Since using iCloud, my Outlook 2007 tasks have been creating duplicate reminders. I am syncing the tasks with my iPhone 4. If I view the tasks on my computer, there is just one item per task. However I get duplicate reminder boxes. And if I don't
-
How can I remove the 90 day wait until I can use a new Apple ID on iTunes?
I recently bought a like new MacBook Pro Retina that only had 16 battery cycles. It was sold to the person I bought it from in March 2013. he sent me the original receipt from the Apple store also.I contacted Apple and they helped me set up a new App
-
What are the 3-bit field choices for Hw_Arm_Sel in PCI-6601
Hi, I am programming our own driver to operate the PCI-6601. For our application we need hardware arm option. I know it is possible to use 2 counters for that, but NI-TIO should support also hw_arm. Although it is not explained in the registry docume
-
ABOUT MENU PROBLEM IN DEVELOPER 2000
I WANT TO GET THE HELP & WINDOW MENU IN THE SEQUENCE OF WINDOW AND HELP SEQUENCE BUT I'M FELLING IT DIFFICULT HELP ME FOR THE MENUS