How to Deploy the MBAM Client to Desktop or Laptop Computers
The Microsoft BitLocker Administration and Monitoring (MBAM) client enables administrators to enforce and monitor BitLocker drive encryption on computers in the enterprise. The BitLocker client can be integrated into an organization by deploying the client through an electronic software distribution system, such as Active Directory Domain Services or Microsoft System Center Configuration Manager.
To review the Microsoft BitLocker Administration and Monitoring Client system requirements, see MBAM 2.0 Supported Configurations.
To deploy the MBAM Client to desktop or laptop computers
Locate the MBAM client installation files that are provided with the MBAM software.
Use Active Directory Domain Services or an enterprise software deployment tool like Microsoft System Center Configuration Manager to deploy the Windows Installer package to target computers.
Configure the distribution settings or Group Policy to run the MBAM Client installation file. After successful installation, the MBAM Client applies the Group Policy settings that are received from a domain controller to begin BitLocker encryption and management functions. For more information about MBAM group policy settings, see Planning for MBAM 2.0 Group Policy Requirements.
The MBAM Client will not start BitLocker encryption actions if a remote desktop protocol connection is active. All remote console connections must be closed before BitLocker encryption will begin.