Determining why a Device Receives a Noncompliance Message
The following noncompliance codes are provided by WMI and describe the reasons why a particular device is reported by MBAM as noncompliant.
You can use your preferred method to view WMI. If you use PowerShell, run gwmi -class mbam_volume -Namespace root\microsoft\mbam
from a PowerShell prompt and search for ReasonsForNoncompliance.
Non-Compliance Code | Reason for Non-Compliance |
---|---|
0 |
Cipher strength not AES 256. |
1 |
MBAM Policy requires this volume to be encrypted but it is not. |
2 |
MBAM Policy requires this volume to NOT be encrypted, but it is. |
3 |
MBAM Policy requires this volume use a TPM protector, but it does not. |
4 |
MBAM Policy requires this volume use a TPM+PIN protector, but it does not. |
5 |
MBAM Policy does not allow non TPM machines to report as compliant. |
6 |
Volume has a TPM protector but the TPM is not visible (booted with recover key after disabling TPM in BIOS?). |
7 |
MBAM Policy requires this volume use a password protector, but it does not have one. |
8 |
MBAM Policy requires this volume NOT use a password protector, but it has one. |
9 |
MBAM Policy requires this volume use an auto-unlock protector, but it does not have one. |
10 |
MBAM Policy requires this volume NOT use an auto-unlock protector, but it has one. |
11 |
Policy conflict detected preventing MBAM from reporting this volume as compliant. |
12 |
A system volume is needed to encrypt the OS volume but it is not present. |
13 |
Protection is suspended for the volume. |
14 |
AutoUnlock unsafe unless the OS volume is encrypted. |
15 |
Policy requires minimum cypher strength is XTS-AES-128 bit, actual cypher strength is weaker than that. |
16 |
Policy requires minimum cypher strength is XTS-AES-256 bit, actual cypher strength is weaker than that. |
Related topics
Technical Reference for MBAM 2.5
Configuring MBAM 2.5 Server Features by Using Windows PowerShell
Got a suggestion for MBAM?
For MBAM issues, use the MBAM TechNet Forum.