SCCM has MBAM solution integrated inside to it. So basically only MBAM standalone solution will expire.
MBAM decommissioning: solutions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 11%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E4%3C/text%3E%3C/svg%3E)
49885604
235
Reputation points
Hi everyone,
one of my clients has MBAM for managing the encryption of laptops and removable disks, MBAM server + SQL database and Web Portal for key management.
MBAM will be decommissioned and the customer would like to replace it, they already have SCCM and before evaluating the move to Intune, I'd like to evaluate the use of SCCM. What are the use scenarios for SCCM and any impacts? In particular:
-Key database;
-Migration of existing database;
-Active Directory;
-Web management portal as was done with MBAM;
-Self Service Portal.
Thank you in advance,
Alessio.
Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | User experience | Other
Microsoft Security | Intune | Other
Microsoft Security | Intune | Other
Other Intune-related topics, including unsupported scenarios and platform-specific behaviors
3 answers
Sort by: Most helpful
-
Pavel yannara Mirochnitchenko 13,451 Reputation points MVP2024-04-02T10:19:07.5233333+00:00 -
Simon Ren-MSFT 40,386 Reputation points Microsoft External Staff2024-04-01T09:15:20.3733333+00:00 Hi,
Thank you for posting in Microsoft Q&A forum.
We can seamlessly migrate management from MBAM to Configuration Manager. When we deploy BitLocker management policies in Configuration Manager, clients automatically rotate their keys and upload them to the Configuration Manager recovery service.
There is no MBAM database in Configuration Manager. All information pertaining to BitLocker management in Configuration Manager including recovery passwords are stored in the Configuration Manager database. The passwords simply get resaved to the Configuration Manager database.
For more detailed information, please refer to:
How to migrate standalone MBAM to SCCM for bitlocker
MBAM Server Migration To Microsoft Endpoint Manager
Move standalone MBAM to SCCM Integrated MBAM
Thanks for your time. Have a nice day!
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Thameur-BOURBITA 36,526 Reputation points Moderator2024-03-30T14:35:42.14+00:00 Hi @49885604
Bitlocker can be managed by intune , but the device must be Microsoft Entra joined or Microsoft Entra hybrid joined.
For more information you can refer to this Microsoft article :
Manage BitLocker policy for Windows devices with Intune
Please don't forget to accept helpful answer which helps users to know the answer solved the author's problem.