Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

← Ideas

Support MBAM / Bitlocker Management IIS roles on CMG

Seeing how the Recovery Service endpoint only requires IIS and a Management Point role, would it be feasible to have the endpoint run on CMG?

Internet-based clients in a co-management environment cannot reach the internal MP URL. Unless they use a VPN connection. We could leverage the BitLocker CSP policies available in Intune but that doesn't offer integration with recovery keys stored in the SQL DB, or the Helpdesk and Self-Service portals.

Supporting the MBAM role through CMG could be a quick win.

42 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Merlin from Belgium [ob-V-us] shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Brandon commented  ·   ·  Flag as inappropriate

    This is sorely needed, over half of our clients are only connecting in via the CMG and we need to be able to roll out BitLocker to them via MECM.

  • Popovici Ioan commented  ·   ·  Flag as inappropriate

    Yeah key escrow via CMG would be awesome, with everyone at home now MBAM is basically useless without VPN

Ideas: Endpoint Protection

Categories

Feedback and Knowledge Base

(thinking…)