Integrate MBAM fully in Configuration Manager
Integrate MBAM fully in Configuration Manager so Bitlocker key management can be done from Configuration Manager.
The first slide of this is shipped as part of #MemCM / #ConfigMgr 1910. We have much more innovation and improvement planned for this feature set. Please give us more feedback on what you’d like to see us do in this area.
Aaron W commented
Also, can we provide a security mechanism (i,e "Bitlocker Manager" role) so that SCCM administrators can have access to view BL device keys for a collection/scope of machines within the console itself.
Kevin Fason commented
MBAM ends mainstream support on 7/9/2019 and completely on 7/9/2024. I noticed this a few months ago when we were going to (finally) roll out MBAM. We chose not to. Not sure this feature is worth pursuing unless they release v3 or sp2.
This would be an awesome feature. Setting up MBAM for the first time was a nightmare. Documentation for it is poor at best when looking for how to correctly install and set up alongside SCCM. SCCM needs to be the first and last stop for client management. Including both MBAM and LAPS directly in the SCCM Client would be ideal.
Michal Zyzak commented
And natively combine drive encryption enforcement into SCCM Compliance Baselines!
Alan Dooley commented
Absolutely. Remove the need for 2 databases, 2 clients, complex installation etc...
Rodrigo Fronza commented
in addition to this integration, could have dashboard with an overview of the encrypted devices, the reports could already be within the SCCM.