Administrator users require full administrator Role in configmgr to create Bitlocker management policies.Once this key is used, it generates a new key for the device.Ĭonfigmgr 1910 introduce Bitlocker management to manage manage BitLocker Drive Encryption (BDE) for configmgr managed devices. Users able to get single-use key for unlocking a BitLocker encrypted device.User admins outside of Configmgr console able to help with key recovery including key rotation and other BitLocker-related support.Encryption status per volume or per device.Setting PIN/Password -Customize your organization's security profile on a per device basis.īuilt-in reports, currently available are:.Auto Unlock - When a user unlocks the OS drive specify whether to unlock only an OS drive or all attached drives.OS Drive Management - Settings like protector for OS drive, minimum PIN length.
Client Management - settings like Bitlocker recovery information to be store and client checking status frequencyĬompliance - Starting with ConfigMgr 2002 you can force users to get compliant with new security policies.ConfigMgr 2002 supports Encryption of Fixed and Removable drives. It does not support starting encryption on Fixed or Removable drives but support compliance reporting. Bitlocker Drive Encryption - Settings like drive encryption and cipher strength on Operating System Drives, Fixed Data Drives and Removable Data Drives.ConfigMgr 1910 only supports starting encryption on the OS drive.Bitlocker client deployment with seamless experience in configmgr console to manage devices running Windows 10 or Windows 8.1.This post is intended to give you guidance to implement Configmgr Bitlocker management, monitoring and troubleshooting.Ĭonfigmgr will provide the following BitLocker management capabilities: Client deployment configmgr gives this capability from V1910 and can replace the use of Microsoft BitLocker Administration and Monitoring (MBAM). However, there are scenario’s where cloud is not an option and require managing on-premises clients. Enable co-management and benefit from cloud-based BitLocker management with Microsoft Intune is the best approach. This feature is optional so, you must enable this feature before using it. Hi Folks! I’m Naveen kanneganti and Welcome to my blogpost.Ĭonfigmgr has release BitLocker Drive Encryption (BDE) in v1910 for on-premises Windows clients running Windows 10 or Windows 8.1.
0 kommentar(er)
