![]() ![]() ![]() Since Configuration Manager, version 1902 is out of support, using stand-alone MBAM and the Invoke-MbamClientDeployment.ps1 PowerShell script with currently supported versions of Configuration Manager is no longer supported. For more information, see Escrow BitLocker recovery password to the site during a task sequence.Īlso note that stand-alone MBAM integration with Configuration Manager was only supported through Configuration Manager, version 1902. For more information, see Using the MBAM Agent to escrow BitLocker recovery keys generates excessive policies in Configuration Manager, version 2103.īitLocker Management starting with Configuration Manager, version 2203 natively supports escrowing the BitLocker key during a task sequence with the Enable BitLocker task sequence task via the option Automatically store the recovery key in: > The Configuration Manager database. This will lead to severe degradation of performance in Configuration Manager primarily in SQL and with Management Points. Known problems include creation of a large amount of policy targeted to all devices which can cause policy storms. Attempting to use the Invoke-MbamClientDeployment.ps1 PowerShell script with Configuration Manager, version 2103 or newer can result in serious problems with the Configuration Manager site. This includes escrowing of BitLocker recovery keys during a Configuration Manager task sequence.įurthermore, starting with Configuration Manager, version 2103, Configuration Manager BitLocker Management no longer uses the MBAM key recovery services site to escrow keys. The Invoke-MbamClientDeployment.ps1 PowerShell script is not supported for use with BitLocker Management in Configuration Manager. These instructions do not pertain to Configuration Manager BitLocker Management. ![]()
0 Comments
Leave a Reply. |