Jump to content


Recommended Posts

ok well there's nothing there at all so this is not working, pm me your teamviewer details if you want me to connect and take a look

Share this post


Link to post
Share on other sites

So after doing more testing found out that its the VPN issue. My test machine even the laptops when they go to office network the keys get populates and encryption starts Silently.

Now the question is why it don't get populated when its connected to VPN even after it try check in with SCCM server once connected?

Share this post


Link to post
Share on other sites

I've asked a PM in Microsoft for comment on this, it could be that your vpn solution is blocking some communication between the clients and the MP, but let's see what he says

Share this post


Link to post
Share on other sites

Hi Niall, 

 

I'm currently running MECM 2002 and I have followed your guides but I want to use the bitlocker encryption certificate  so I have followed the Microsoft documentation. I have created the cert but I get and error when trying to produce the policy in MECM. The error is Plain text storage of recovery information required when the Bitlocker Management encryption certificate has not been deployed. Where do I have to deploy it too? I have two management points both on prem one is an IBCM both using HTTPS. Thank you

EDIT: I had the policy open while I created the cert. Closing the policy window and relaunching fixed the issue. Thank you

Edited by Hectaaaa
Fixed it.
  • Like 1

Share this post


Link to post
Share on other sites

Quick Question, 

Currently we are in the process of switching to co management but still pilot testing. I just found out that Intune has it's own Bitlocker management tools so did I waist all my time setting up on-prem MBAM? or can I still use it to access and manage key information? If I can still use it, is it possible to setup the Self service portal on an IBCM point? It is currently setup on the primary management point that is setup for Intranet clients only. 

 

Also sorry if I am posting this in the wrong area still learning how to navigate the site. 

Thank you,

Share this post


Link to post
Share on other sites

Having your Bitlocker Management keys stored on your on premise database (ConfigMgr) is an asset to many customers, and also gives you time to migrate to Intune and see the different ways it can manage your recovery keys,

you could create an Azure web app proxy to connect back to the on-premise  server handling the requests.

  • Like 1

Share this post


Link to post
Share on other sites

Hello Windows-Noob ;)

I have implemented already 2 years ago IBCM - PKI infrastructure - however when I try to execute Bitlocker I 'm still getting following error

Unable to find suitable Recovery Service MP. Forcing policy non-compliant.

I always thought everything was going well ;)  - no issues with deploying software - no issues with policies/ configuration baseline - no issues with windows updates BUT we have a SCCM HTTP (lab) and there I saw that the client indicates his 'Assigned Management Point' and that is not the case with our non domain/workgroup machines. In LocationServices LOG there is the following error  1 internet MP errors in the last 10 minutes, threshold is 5.

So my guess is there is something wrong !! I saw blogs on the internet for IBCM PKI enabled where Assigned Management Point entry is filled in.

Anyone ?

bitlocker_1.png

bitlocker_2.png

bitlocker_3.png

bitlocker_4.png

Share this post


Link to post
Share on other sites

hiya and welcome,

can you look at the network tab of your IBCM client ? my (co managed, forced internet client) looks like this

image.png

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.