How to Manage Computer BitLocker Encryption Exemptions

Güncelleştirme: Kasım 2012

Uygulama Alanı: Microsoft BitLocker Administration and Monitoring 1.0

Microsoft BitLocker Administration and Monitoring (MBAM) can be used to exempt certain computers from BitLocker protection. For example, an organization may decide to control BitLocker exemption on a computer-by-computer basis.

To exempt a computer from BitLocker encryption, you must add the computer to a security group in Active Directory Domain Services in order to bypass any computer-based BitLocker protection rules.

To exempt a computer from BitLocker encryption

1. Add the computer account that you want to be exempted to a security group in Active Directory Domain Services. This allows you to bypass any computer-based BitLocker protection rules.

2. Create a Group Policy Object by using the MBAM Group Policy template, then associate the Group Policy Object with the Active Directory group that you created in the previous step. For more information about creating the necessary Group Policy Objects, see Deploying MBAM 1.0 Group Policy Objects.

3. When an exempted computer starts, the MBAM client checks the Computer Exemption Policy setting and suspends protection based on whether the computer is part of the BitLocker exemption security group.

Ayrıca Bkz:

Diđer Kaynaklar

Administering MBAM 1.0 Features

-----
You can learn more about MDOP in the TechNet Library, search for troubleshooting on the TechNet Wiki, or follow us on Facebook or Twitter.
-----