MBAM migration - Is it now managed by MEM viewable in console

JG 396 Reputation points
2022-09-06T11:36:05.47+00:00

We have started our migration from standalone MBAM to MEM managed bitlocker.
Is there an easy way to show in the console if MEM is now managing MBAM on a client and if a recovery key has been escrowed to the DB? This would be a really good couple of columns to have for quick and easy viewing.

I am currently running sql queries directly on the DB to see if a recovery key has been escrowed (to positively confirm) but going forward- this info needs to be available in the console for support staff to be able to find easily so they know which portal to check for a recovery key/ check the client is working as expected and migrating ok.

Thanks

Microsoft Configuration Manager
0 comments No comments
{count} votes

Accepted answer
  1. Jason Sandys 31,151 Reputation points Microsoft Employee
    2022-09-06T16:34:21.687+00:00

    By MEM, here, I assume you mean ConfigMgr.

    Also, just to clarify, ConfigMgr doesn't manage MBAM, it manages BitLocker. It does this using an agent which is more or less the same agent as MBAM uses and is (effectively) part of the ConfigMgr agent.

    As for determining whether or not a BitLocker RK has been escrowed to the ConfigMgr DB, there are built-in reports for this: https://www.prajwaldesai.com/sccm-bitlocker-reports-in-configmgr-console/. You can also create your own reports or queries in the console. I believe there are folks that have made console extensions as well.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful