BitLocker Administration and Monitoring: Part 3

This is the third and final post in a series about MBAM. This post will detail the required GPO’s and will actually recover a key from MBAM.

Group Policy

First, we need to import the Group Policy templates for MBAM. You can download the templates for the entire MDOP pack here: https://microsoft.com/en-us/download/details.aspx?id=41183. Extract the cab file, and copy the BitLockerManagement.admx and BitLockerUserManagement.admx files and the ADML files that corresponds to your language to a domain controller. Insert them into your administrative templates. You will find them at Computer Configuration > Administrative Templates > Windows Components > MDOP MBAM (BitLocker Management). You should set the following policy. It tells the MBAM client where to report.

MDOP MBAM (BitLocker Management) > Client Management

Configure MBAM Services

All other Group Policy options are up to your organization.

You can use the other Group Policies to encrypt the drive. You can also manually encrypt drives using the BitLocker Control Panel applet. You will also notice that there is a new BitLocker Encryption Options Control Panel applet.

1

Recovering a Key

Now that I have a client properly installed, I can recover a key if necessary. I made a BIOS change to my test machine and booted it. You are now presented with a screen that presents a recovery key ID.

2

I can the first 8 characters of the key over to my MBAM self-service page and type it in:

3

After that, I can press Get Key and it will show the recovery key.

The process from the Help Desk portal is the same – input the key and submit. If you want to enter a user domain and ID, you can.

4

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Cybersecurity Briefings No. 014
Cyber Security

WME Security Briefing 14 June 2024

LightSpy Spyware’s macOS Variant Detected with Advanced Surveillance Capabilities Overview Findings reveal a previously undocumented macOS variant of the LightSpy spyware. It was initially thought to target only iOS users. This spyware utilizes a plugin-based system

Read More »
WME Cybersecurity Briefings No. 013
Cyber Security

WME Security Briefing 10 June 2024

CISA Urges Patching of Actively Exploited Linux Kernel Vulnerability Overview CISA just issued an urgent advisory concerning a newly discovered security flaw in the Linux kernel. The flaw is being actively exploited to affect the netfilter component of

Read More »
3 Things to Consider Before You Enable Copilot for Microsoft 365
Microsoft Copilot

3 Things to Consider Before You Enable Copilot for Microsoft 365

In today’s digital landscape, any productivity tool that streamlines workflow and boosts performance is a pleasant addition. With its AI-powered productivity-enhancing capabilities, Microsoft Copilot has emerged as a game-changer for employees, particularly for organizations using Microsoft

Read More »
WME Cybersecurity Briefings No. 012
Cyber Security

WME Security Briefing 03 June 2024

Moroccan Cybercrime Group Exploits Gift Card Systems for Major Financial Gains Overview: Storm-0539, also called Atlas Lion, is a Moroccan cybercrime group that executes advanced email and SMS phishing attacks. They are committing fraud by utilizing

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=