BitLocker Administration and Monitoring: Part 2

After you complete installation of the server components, you can test the installation by opening a web browser on a computer and going to https://<server_name>/helpdesk. You should see a screen like this:

1

This will serve as the portal for your help desk to access recovery keys. The Drive Recovery node is where your help desk will spend most of their time. It looks like this:

2

The help desk can look up the recovery key by providing this required information. The only required information is the Key ID that is displayed on the end user’s screen. The User domain and ID fields are for reporting purposes.

To test the self-service portal, go to https://server_name/selfservice. After you log in, you will see an acknowledgement that you can customize. When you click through that, you will see the area where a user can request their recovery key.

3

Again, the user will have to enter the displayed recovery key ID and a reason for the request. This activity is viewable from the reports on the help desk site.

Deploying the MBAM Client

Each Windows device also needs to have the MBAM client installed. The client is included on the MDOP DVD. You can use Active Directory, ConfigMgr, or any other software deployment system to install the MBAM client. A full command line parameter reference can be found here: https://technet.microsoft.com/en-us/library/dn645348.aspx. I would first recommend extracting the MSI. You can add a few more options by directly using the MSI instead of the standard EXE. Here’s the command:

MbamClientSetup.exe /extract <extraction directory> /acceptEULA=Yes

After you have the MSI, here’s a basic installation command:

msiexec /i MbamClientSetup-2.5.1100.0.msi /qn ALLUSERS=1 REBOOT=ReallySuppress

Of course, this command must be executed from the directory containing the MSI. You can also add a path in front of the MSI file if that is not possible.

After the client installation is complete, the GPO’s will take affect for configuration. We will talk about the GPO’s and recovering a key in Part 3.

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
WME Cybersecurity Briefings No. 008
Cyber Security

WME Security Briefing 03 May 2024

Security Bulletin: MITRE Corporation Targeted by Nation-State Cyber Attack Overview The MITRE Corporation, a prominent security and cybersecurity researcher in the USA, has fallen prey to compromise in its environment because of a sophisticated cyberattack from

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=