Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Intune
  • GitHub
  • Windows 11
  • About the author
CCMEXEC.COM – Enterprise Mobility

MBAM integration in Configuration Manager 1909 TP

Posted on September 28, 2019October 9, 2019 by Jörgen Nilsson

One feature I am really excited about that are coming to Configuration Manager is the Integration of he MBAM server features. This will save us time and money because we don’t have to use separate servers for MBAM. We don’t have to manage and update neither the MBAM client or the Server backend. I wrote a post on what is new in 1908 technical preview here: https://ccmexec.com/2019/09/sccm-integrated-mbam-services-in-technical-preview-180-2/

In 1909 TP we got more features basically we got the posibility to install both the Helpdesk portal and the self-service portal that is included in MBAM. This is great because then we have those features separate from the SCCM Admin console.

I had to try this out of course: Before I installed the portals I had to install the Prereq: ASP.NET MVC 4.0 (I actually forgot and had to go back and install it when the self-service portal didn’t load.)

To install it we need to copy the following files, mbamwebsite.cab, mbamwebsiteinstaller.ps1
I copied them from the ConfigMgr install Dir to a temp directory:

Before I run the PowerShell command I created the three groups neded:
-MBAMHelpdesk
-MBAMAdmins
-MBAMReports

Then I ran the following command line in my environment to setup both the portals in my SCCM Primary site server:

.\MBAMWebSiteInstaller.ps1 -SqlServerName CMTP5.intra.ccmexec.local -SqlDatabaseName CM_TPM -ReportWebServiceUrl https://cmtp5.intra.ccmexec.local/ReportServer -HelpdeskUsersGroupName intra\mbamhelpdesk -HelpdeskAdminsGroupName intra\mbamAdmins -MbamReportUsersGroupName intra\MBAmreports -SiteInstall Both

And it worked the first time!

The scripts created the websites, reports and sets the correct permissions. So if we look in IIS manager we have the new websites there:

Browsing to HTTPS://cmtp5.intra.ccmexec.local/Helpdesk and the helpdesk portal works as expected and looks exactly as it did in MBAM before.

The same goes for the Self-Service Portal.
I accept the user agreement and then I can request my recovery keys.

Bitlocker reports

We have new reports as well, and after the fix that is documented here: https://docs.microsoft.com/sv-se/sccm/core/get-started/2019/technical-preview-1909#general-known-issues they worked as well.

Compliance Status Dashboard
Computer Compliance report
Enterprise Compliance summary report
Enterprise Compliance report

This is great news! Now we just need to hold our fingers crossed that it will make it in the Configuration Manager 1910 release!

  • MBAM Integrated SCCM
  • MBAM SCCM
  • MBAM technical preview
  • 5 thoughts on “MBAM integration in Configuration Manager 1909 TP”

    1. Blixa says:
      October 1, 2019 at 4:14 pm

      Whould this also mean that you could use this on customers who currently do not have access to MDOP?

      Reply
      1. Jörgen Nilsson says:
        October 3, 2019 at 6:01 pm

        Hi
        There are no offical documentation yet, hopefully licensing will be announced when MBAM integrated ships in SCCM CB.
        Regards,
        Jörgen

        Reply
    2. Gary Knigge says:
      October 14, 2019 at 8:25 pm

      I am curious how this will work when tranisitioning from MBAM to ConfigMgr management. Do we know if the MBAM client must first be removed to begin ConfigMgr management of BitLocker? Or, can I migrate everyone to using ConfigMgr for BitLocker management and then uninstall the MBAM client?

      Reply
    3. Max Schmidt says:
      October 24, 2019 at 6:43 am

      Hi Jörgen,
      have you already had a look on the TP 1910?
      I have got it installed and when I create a new Policy, there are more Options now. For storing the Key-Package not in Plain-Text, I need to install a Bitlocker Management encryption certificate, but I can’t find any Information about it.
      Do you have an Idea how to move on?

      Regards,
      Max

      Reply
    4. Pingback: System Center Kasım 2019 Bülten – Sertaç Topal

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
    All code is provided "AS-IS" with no warranties.

    Tweets by ccmexec

    Recent Posts

    • Windows Servicing, Personal Teams and Success.cmd
    • Windows MDM Security Baseline – Settings Catalog
    • Configuring MS Edge Security Baseline v107 using Settings Catalog
    • Configuring Desktop App Installer using CSP and script?!
    • Customizing Taskbar and Start in Windows 11 22h2 with PowerShell

    ©2023 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
    This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
    Privacy & Cookies Policy

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT