Edición del archivo Configuration.mof

Se aplica a: Microsoft BitLocker Administration and Monitoring 2.0, Microsoft BitLocker Administration and Monitoring 2.0 SP1

Para permitir que los equipos cliente notifiquen los detalles de cumplimiento de BitLocker a través de informes de Configuration Manager de MBAM, debe editar el archivo Configuration.mof, tanto si usa Configuration Manager 2007 como si usa System Center 2012 Configuration Manager. Complete las siguientes instrucciones para la versión de Configuration Manager que esté utilizando.

Importante

Si está instalando Microsoft BitLocker Administration and Monitoring (MBAM) 2.0 Service Pack 1 (SP1), ya sea una instalación nueva o una actualización de una versión anterior, vea el artículo correspondiente en Acerca de MBAM 2.0 SP1 como se describe en las viñetas siguientes:

  • Para una instalación nueva de MBAM 2.0 SP1, vea Archivos necesarios para la instalación de MBAM 2.0 SP1 si está utilizando MBAM con Configuration Manager.

  • Para una actualización a MBAM 2.0 SP1, vea Actualizar el archivo configuration.mof si actualiza a MBAM 2.0 SP1 y está utilizando MBAM con Configuration Manager 2007.

Para crear el archivo configuration.mof si está utilizando MBAM 2.0 SP1 con Configuration Manager

  1. Consulte la nota “Importante” sobre MBAM 2.0 SP1 que aparece anteriormente en este tema para obtener las instrucciones correspondientes que se deben seguir en Acerca de MBAM 2.0 SP1.

Para editar el archivo Configuration.mof para System Center 2012 Configuration Manager

  1. En el servidor de Configuration Manager, busque la ubicación del archivo Configuration.mof:

    <ubicaciónDeInstalaciónDeCM>\Inboxes\clifiles.src\hinv\

    En una instalación predeterminada, la ubicación de instalación es %systemdrive%\Archivos de programa\Microsoft Configuration Manager.

  2. Edite el archivo Configuration.mof para anexar las siguientes clases de MBAM:

    //===================================================
    
    // Microsoft BitLocker Administration and Monitoring 
    
    //===================================================
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL)
    
    [Union, ViewSources{"select DeviceId, BitlockerPersistentVolumeId, BitLockerManagementPersistentVolumeId, BitLockerManagementVolumeType, DriveLetter, Compliant, ReasonsForNonCompliance, KeyProtectorTypes, EncryptionMethod, ConversionStatus, ProtectionStatus, IsAutoUnlockEnabled from Mbam_Volume"}, ViewSpaces{"\\\\.\\root\\microsoft\\mbam"}, dynamic, Provider("MS_VIEW_INSTANCE_PROVIDER")]
    
    class Win32_BitLockerEncryptionDetails
    
    {
    
        [PropertySources{"DeviceId"},key]
    
        String     DeviceId;
    
        [PropertySources{"BitlockerPersistentVolumeId"}]
    
        String     BitlockerPersistentVolumeId;
    
        [PropertySources{"BitLockerManagementPersistentVolumeId"}]
    
        String     MbamPersistentVolumeId;
    
        //UNKNOWN = 0, OS_Volume = 1, FIXED_VOLUME = 2, REMOVABLE_VOLUME = 3
    
        [PropertySources{"BitLockerManagementVolumeType"}]
    
        SInt32     MbamVolumeType;
    
        [PropertySources{"DriveLetter"}]
    
        String     DriveLetter;
    
        //VOLUME_NOT_COMPLIANT = 0, VOLUME_COMPLIANT = 1, NOT_APPLICABLE = 2
    
        [PropertySources{"Compliant"}]
    
        SInt32     Compliant;
    
        [PropertySources{"ReasonsForNonCompliance"}]
    
        SInt32     ReasonsForNonCompliance[];
    
        [PropertySources{"KeyProtectorTypes"}]
    
        SInt32     KeyProtectorTypes[];
    
        [PropertySources{"EncryptionMethod"}]
    
        SInt32     EncryptionMethod;
    
        [PropertySources{"ConversionStatus"}]
    
        SInt32     ConversionStatus;
    
        [PropertySources{"ProtectionStatus"}]
    
        SInt32     ProtectionStatus;
    
        [PropertySources{"IsAutoUnlockEnabled"}]
    
        Boolean     IsAutoUnlockEnabled;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL)
    
     [DYNPROPS]
    
    Class Win32Reg_MBAMPolicy
    
    {
    
        [key]
    
        string KeyName;
    
    
        //General encryption requirements
    
        UInt32    OsDriveEncryption;
    
        UInt32    FixedDataDriveEncryption;
    
        UInt32    EncryptionMethod;
    
    
        //Required protectors properties
    
        UInt32    OsDriveProtector;
    
        UInt32    FixedDataDriveAutoUnlock;
    
        UInt32    FixedDataDrivePassphrase;
    
    
        //MBAM agent fields
    
        Uint32    MBAMPolicyEnforced;
    
        string    LastConsoleUser;
    
        datetime  UserExemptionDate;
    
        UInt32    MBAMMachineError;
    
    
        // Encoded computer name
    
        string    EncodedComputerName;
    
    };
    
    
    [DYNPROPS]
    
    Instance of Win32Reg_MBAMPolicy
    
    {
    
    KeyName="BitLocker policy";
    
    
        //General encryption requirements
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|ShouldEncryptOsDrive"),Dynamic,Provider("RegPropProv")]
    
        OsDriveEncryption;
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|ShouldEncryptFixedDataDrive"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDriveEncryption;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE|EncryptionMethod"),Dynamic,Provider("RegPropProv")]
    
        EncryptionMethod;
    
    
        //Required protectors properties
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|OSVolumeProtectorPolicy"),Dynamic,Provider("RegPropProv")]
    
        OsDriveProtector;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|AutoUnlockFixedDataDrive"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDriveAutoUnlock;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE|FDVPassphrase"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDrivePassphrase;
    
    
        //MBAM agent fields
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|MBAMPolicyEnforced"),Dynamic,Provider("RegPropProv")]
    
        MBAMPolicyEnforced;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|LastConsoleUser"),Dynamic,Provider("RegPropProv")]
    
        LastConsoleUser;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|UserExemptionDate"),Dynamic,Provider("RegPropProv")]
    
        UserExemptionDate; //Registry value should be string in the format of yyyymmddHHMMSS.mmmmmmsUUU
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|MBAMMachineError"),Dynamic,Provider("RegPropProv")]
    
        MBAMMachineError;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|EncodedComputerName"),Dynamic,Provider("RegPropProv")]
    
        EncodedComputerName;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL)
    
    [Union, ViewSources{"select Name,OperatingSystemSKU from Win32_OperatingSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"},
    
    dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")]
    
    class CCM_OperatingSystemExtended
    
    {
    
        [PropertySources{"Name"},key]
    
        string     Name;
    
        [PropertySources{"OperatingSystemSKU"}]
    
        uint32     SKU;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL)
    
    [Union, ViewSources{"select Name,PCSystemType from Win32_ComputerSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"},
    
    dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")]
    
    class CCM_ComputerSystemExtended
    
    {
    
        [PropertySources{"Name"},key]
    
        string     Name;
    
        [PropertySources{"PCSystemType"}]
    
        uint16     PCSystemType;
    
    };
    
    
    //=======================================================
    
    // Microsoft BitLocker Administration and Monitoring end
    
    //=======================================================
    

Para editar el archivo Configuration.mof para Configuration Manager 2007

  1. En el servidor de Configuration Manager, busque la ubicación del archivo Configuration.mof:

    <ubicaciónDeInstalaciónDeCM>\Inboxes\clifiles.src\hinv\

    En una instalación predeterminada, la ubicación de instalación es %systemdrive%\Archivos de programa (x86)\Microsoft Configuration Manager.

  2. Edite el archivo Configuration.mof para anexar las siguientes clases de MBAM:

    //===================================================
    
    // Microsoft BitLocker Administration and Monitoring 
    
    //===================================================
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) 
    
    [Union, ViewSources{"select DeviceId, BitlockerPersistentVolumeId, BitLockerManagementPersistentVolumeId, BitLockerManagementVolumeType, DriveLetter, Compliant, ReasonsForNonCompliance, KeyProtectorTypes, EncryptionMethod, ConversionStatus, ProtectionStatus, IsAutoUnlockEnabled from Mbam_Volume"}, ViewSpaces{"\\\\.\\root\\microsoft\\mbam"}, dynamic, Provider("MS_VIEW_INSTANCE_PROVIDER")]
    
    class Win32_BitLockerEncryptionDetails
    
    {
    
        [PropertySources{"DeviceId"},key]
    
        String     DeviceId;
    
        [PropertySources{"BitlockerPersistentVolumeId"}]
    
        String     BitlockerPersistentVolumeId;
    
        [PropertySources{"BitLockerManagementPersistentVolumeId"}]
    
        String     MbamPersistentVolumeId;
    
        //UNKNOWN = 0, OS_Volume = 1, FIXED_VOLUME = 2, REMOVABLE_VOLUME = 3
    
        [PropertySources{"BitLockerManagementVolumeType"}]
    
        SInt32     MbamVolumeType;
    
        [PropertySources{"DriveLetter"}]
    
        String     DriveLetter;
    
        //VOLUME_NOT_COMPLIANT = 0, VOLUME_COMPLIANT = 1, NOT_APPLICABLE = 2
    
        [PropertySources{"Compliant"}]
    
        SInt32     Compliant;
    
        [PropertySources{"ReasonsForNonCompliance"}]
    
        SInt32     ReasonsForNonCompliance[];
    
        [PropertySources{"KeyProtectorTypes"}]
    
        SInt32     KeyProtectorTypes[];
    
        [PropertySources{"EncryptionMethod"}]
    
        SInt32     EncryptionMethod;
    
        [PropertySources{"ConversionStatus"}]
    
        SInt32     ConversionStatus;
    
        [PropertySources{"ProtectionStatus"}]
    
        SInt32     ProtectionStatus;
    
        [PropertySources{"IsAutoUnlockEnabled"}]
    
        Boolean     IsAutoUnlockEnabled;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL)
    
     [DYNPROPS]
    
    Class Win32Reg_MBAMPolicy
    
    {
    
        [key]
    
        string KeyName;
    
    
        //General encryption requirements
    
        UInt32    OsDriveEncryption;
    
        UInt32    FixedDataDriveEncryption;
    
        UInt32    EncryptionMethod;
    
    
        //Required protectors properties
    
        UInt32    OsDriveProtector;
    
        UInt32    FixedDataDriveAutoUnlock;
    
        UInt32    FixedDataDrivePassphrase;
    
    
        //MBAM agent fields
    
        Uint32    MBAMPolicyEnforced;
    
        string    LastConsoleUser;
    
        datetime  UserExemptionDate;
    
        UInt32    MBAMMachineError;
    
    
        // Encoded computer name
    
        string    EncodedComputerName;
    
    };
    
    
     [DYNPROPS]
    
    Instance of Win32Reg_MBAMPolicy
    
    {
    
        KeyName="BitLocker policy";
    
    
        //General encryption requirements
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|ShouldEncryptOsDrive"),Dynamic,Provider("RegPropProv")]
    
        OsDriveEncryption;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|ShouldEncryptFixedDataDrive"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDriveEncryption;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE|EncryptionMethod"),Dynamic,Provider("RegPropProv")]
    
        EncryptionMethod;
    
    
        //Required protectors properties
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|OSVolumeProtectorPolicy"),Dynamic,Provider("RegPropProv")]
    
        OsDriveProtector;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|AutoUnlockFixedDataDrive"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDriveAutoUnlock;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE|FDVPassphrase"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDrivePassphrase;
    
    
        //MBAM agent fields
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|MBAMPolicyEnforced"),Dynamic,Provider("RegPropProv")]
    
        MBAMPolicyEnforced;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|LastConsoleUser"),Dynamic,Provider("RegPropProv")]
    
        LastConsoleUser;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|UserExemptionDate"),Dynamic,Provider("RegPropProv")]
    
        UserExemptionDate; //Registry value should be string in the format of yyyymmddHHMMSS.mmmmmmsUUU
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|MBAMMachineError"),Dynamic,Provider("RegPropProv")]
    
        MBAMMachineError;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|EncodedComputerName"),Dynamic,Provider("RegPropProv")]
    
        EncodedComputerName;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("Win32Reg_MBAMPolicy_64", NOFAIL)
    
    [DYNPROPS]
    
    Class Win32Reg_MBAMPolicy_64
    
    {
    
        [key]
    
        string KeyName;
    
    
        //General encryption requirements
    
        UInt32    OsDriveEncryption;
    
        UInt32    FixedDataDriveEncryption;
    
        UInt32    EncryptionMethod;
    
    
        //Required protectors properties
    
        UInt32    OsDriveProtector;
    
        UInt32    FixedDataDriveAutoUnlock;
    
        UInt32    FixedDataDrivePassphrase;
    
    
        //MBAM agent fields
    
        Uint32    MBAMPolicyEnforced;
    
        string    LastConsoleUser;
    
        datetime  UserExemptionDate; //Registry value should be string in the format of yyyymmddHHMMSS.mmmmmmsUUU
    
        UInt32    MBAMMachineError;
    
    
        // Encoded computer name
    
        string    EncodedComputerName;
    
    };
    
    
    [DYNPROPS]
    
    Instance of Win32Reg_MBAMPolicy_64
    
    {
    
        KeyName="BitLocker policy";
    
    
        //General encryption requirements
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|ShouldEncryptOsDrive"),Dynamic,Provider("RegPropProv")]
    
        OsDriveEncryption;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|ShouldEncryptFixedDataDrive"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDriveEncryption;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE|EncryptionMethod"),Dynamic,Provider("RegPropProv")]
    
        EncryptionMethod;
    
    
        //Required protectors properties
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|OSVolumeProtectorPolicy"),Dynamic,Provider("RegPropProv")]
    
        OsDriveProtector;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE\\MDOPBitLockerManagement|AutoUnlockFixedDataDrive"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDriveAutoUnlock;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\FVE|FDVPassphrase"),Dynamic,Provider("RegPropProv")]
    
        FixedDataDrivePassphrase;
    
    
        //MBAM agent fields
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|MBAMPolicyEnforced"),Dynamic,Provider("RegPropProv")]
    
        MBAMPolicyEnforced;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|LastConsoleUser"),Dynamic,Provider("RegPropProv")]
    
        LastConsoleUser;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|UserExemptionDate"),Dynamic,Provider("RegPropProv")]
    
        UserExemptionDate; //Registry value should be string in the format of yyyymmddHHMMSS.mmmmmmsUUU
    
        [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|MBAMMachineError"),Dynamic,Provider("RegPropProv")]
    
        MBAMMachineError;
    
    
    [PropertyContext("Local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\MBAM|EncodedComputerName"),Dynamic,Provider("RegPropProv")]
    
        EncodedComputerName;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL)
    
    [Union, ViewSources{"select Name,OperatingSystemSKU from Win32_OperatingSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"},
    
    dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")]
    
    class CCM_OperatingSystemExtended
    
    {
    
        [PropertySources{"Name"},key]
    
        string     Name;
    
        [PropertySources{"OperatingSystemSKU"}]
    
        uint32     SKU;
    
    };
    
    
    #pragma namespace ("\\\\.\\root\\cimv2")
    
    #pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL)
    
    [Union, ViewSources{"select Name,PCSystemType from Win32_ComputerSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"},
    
    dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")]
    
    class CCM_ComputerSystemExtended
    
    {
    
        [PropertySources{"Name"},key]
    
        string     Name;
    
        [PropertySources{"PCSystemType"}]
    
        uint16     PCSystemType;
    
    };
    
    
    //=======================================================
    
    // Microsoft BitLocker Administration and Monitoring end
    
    //=======================================================
    
    

Vea también

Conceptos

Implementación de MBAM con Configuration Manager

Otros recursos

Creación o edición de los archivos mof

-----
Para obtener más información acerca de MDOP, consulte la biblioteca de TechNet, busque soluciones de problemas en TechNet Wikio síganos en Facebook o Twitter.
-----