I have always liked Microsoft BitLocker Administration and Monitoring(MABM) as it provides us with additional functionality compared to saving the BitLocker recovery key in Active Directory. MBAM brings us for example:– Protection against accidental deletion of AD computer object (Separate DB)– Key rotation– Self-Service– Role based access to Recovery Keys– Compliance reporting – Escrowing TPM…
Tag: MBAM
SCCM integrated MBAM services in Technical Preview 1908.2
Spent last night testing this one out, Microsoft Bitlocker and Managment tool built in SCCM. This is one of the big features me and all my customers are looking forward to! It will make managing MBAM much easier than today by providing:– MBAM client being part of the SCCM client, so no separate installation and…
MBAM TPM Password Hash and Windows 10 1607
In Windows 10 1607 the TPM Password Hash is no longer accessible from within windows. This is design change to increase the Security in windows 10 which you can read more about here: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/change-the-tpm-owner-password Quote: “Starting with Windows 10, version 1607, Windows will not retain the TPM owner password when provisioning the TPM. The password…