Have you deployed MBAM for manage your BitLocker encrypted computers out there? If you enable BitLocker with MBAM during OSD there are many guides on how you should do. Most of these involve a script, probably from Deployment Guys, and this script will set a bunch of registry settings, involving setting HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MBAM\DeploymentTime equals 1.

This if fine and a perfect solution, just make sure that the registry keys are removed after installation or after the encryption started. If you don’t you will encounter problems like new keys are not reported to MBAM server, MBAM GUI will not show… There are no indication of this in the event log files, because DeploymentTime=1 makes sure MBAM is working in a silent way.

 

Deploy MBAM: http://technet.microsoft.com/en-us/library/dn145025.aspx

Deploy MBAM in OSD: http://technet.microsoft.com/en-us/library/jj571532.aspx

http://blogs.technet.com/b/deploymentguys/archive/2012/02/20/using-mbam-to-start-bitlocker-encryption-in-a-task-sequence.aspx

Advertisements