Export (0) Print
Expand All

Preparing your Environment for MBAM 2.0

Updated: April 1, 2013

Applies To: Microsoft BitLocker Administration and Monitoring 2.0

Before beginning Microsoft BitLocker Administration and Monitoring (MBAM) Setup, you should make sure that you have met the prerequisites to install the product. When you know what the prerequisites are ahead of time, you can efficiently deploy the product and enable its features so that it most effectively supports your organization’s business objectives.

If you are deploying Microsoft BitLocker Administration and Monitoring with Microsoft System Center Configuration Manager 2007 or Microsoft System Center 2012 Configuration Manager, see Planning to Deploy MBAM with Configuration Manager.

Review MBAM 2.0 Deployment Prerequisites

The MBAM Client and each of the MBAM Server features have specific prerequisites that must be met before they can be successfully installed.

To ensure successful installation of MBAM Clients and MBAM Server features, ensure that computers specified for MBAM Client or MBAM Server feature installation are properly prepared for MBAM Setup.

noteNote
MBAM Setup checks that all prerequisites are met before installation starts. If all prerequisites are not met, Setup will fail.

MBAM 2.0 Deployment Prerequisites

Plan for MBAM 2.0 Group Policy Requirements

Before MBAM can manage clients in the enterprise, you must define Group Policy for the encryption requirements of your environment.

ImportantImportant
MBAM will not work with policies for stand-alone BitLocker drive encryption. Group Policy settings must be defined for MBAM, or BitLocker encryption and enforcement will fail.

Planning for MBAM 2.0 Group Policy Requirements

Plan for MBAM 2.0 Administrator Roles

MBAM administrator roles are managed by local groups that are created by MBAM Setup when you install the BitLocker Administration and Monitoring Server, the Compliance and Audit Reports feature, and the Compliance and Audit Status Database.

The membership of Microsoft BitLocker Administration and Monitoring roles can best be managed by creating security groups in Active Directory Domain Services, adding the appropriate administrator accounts to those groups, and then adding those security groups to the BitLocker Administration and Monitoring local groups. For more information, see How to Manage MBAM Administrator Roles.

Other Resources for MBAM Planning

-----
You can learn more about MDOP in the TechNet Library, search for troubleshooting on the TechNet Wiki, or follow us on Facebook or Twitter.
-----
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft