TechNet
Table of contents
TOC
Collapse the table of content
Expand the table of content

Preparing your Environment for MBAM 2.0

jamiejdt|Last Updated: 6/16/2016
|
1 Contributor

Before beginning Microsoft BitLocker Administration and Monitoring (MBAM) Setup, you should make sure that you have met the prerequisites to install the product. When you know what the prerequisites are ahead of time, you can efficiently deploy the product and enable its features so that it most effectively supports your organization’s business objectives.

If you are deploying Microsoft BitLocker Administration and Monitoring with Microsoft System Center Configuration Manager 2007 or Microsoft System Center 2012 Configuration Manager, see Planning to Deploy MBAM with Configuration Manager.

Review MBAM 2.0 Deployment Prerequisites

The MBAM Client and each of the MBAM Server features have specific prerequisites that must be met before they can be successfully installed.

To ensure successful installation of MBAM Clients and MBAM Server features, ensure that computers specified for MBAM Client or MBAM Server feature installation are properly prepared for MBAM Setup.

Note
MBAM Setup checks that all prerequisites are met before installation starts. If all prerequisites are not met, Setup will fail.

MBAM 2.0 Deployment Prerequisites

Plan for MBAM 2.0 Group Policy Requirements

Before MBAM can manage clients in the enterprise, you must define Group Policy for the encryption requirements of your environment.

Important
MBAM will not work with policies for stand-alone BitLocker drive encryption. Group Policy settings must be defined for MBAM, or BitLocker encryption and enforcement will fail.

Planning for MBAM 2.0 Group Policy Requirements

Plan for MBAM 2.0 Administrator Roles

MBAM administrator roles are managed by local groups that are created by MBAM Setup when you install the BitLocker Administration and Monitoring Server, the Compliance and Audit Reports feature, and the Compliance and Audit Status Database.

The membership of Microsoft BitLocker Administration and Monitoring roles can best be managed by creating security groups in Active Directory Domain Services, adding the appropriate administrator accounts to those groups, and then adding those security groups to the BitLocker Administration and Monitoring local groups. For more information, see How to Manage MBAM Administrator Roles.

Other Resources for MBAM Planning

Planning for MBAM 2.0

MBAM 2.0 Supported Configurations

© 2016 Microsoft