Microsoft BitLocker Administration and Monitoring

Welcome to the Microsoft BitLocker Administration and Monitoring customer feedback site! Please submit your ideas or vote for one of the current features suggested below. The engineering team is actively monitoring the site and we want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. section 508 compliance at pre-boot

    bitlocker on the endpoint is virtually unusable for a visually impaired user.

    when will Microsoft improve this situation, afterall McAffee have been doing this for at least the last two years

    following link clearly indicates that its not really that complicated

    https://kc.mcafee.com/corporate/index?page=content&id=KB69853

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    • Is MBAM 2.5 SP1 supported on SQL Server 2012 SP3 and 2014 SP2?

      Support for SQL Server 2012 SP2 ran out in January 2017. Support for 2014 SP1 will run out in October.
      Is 2012 SP3 and 2014 SP2 supported with MBAM 2.5 SP1?

      24 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
      • Support/Document using both MBAM Compliance DB and ConfigMgr Integration

        The documentation for doing SCCM Integration makes it sound like the it is an either/or decision - you can either put the compliance data in MBAM's database or use ConfigMgr hardware inventory to track it. In practice (and described at TechEd 2014), you can store the data in both. This is incredibly useful as the SCCM data is typically used for operational actions (like creating collections to automatically remediate issues), and the MBAM Compliance data is used for historical reporting (like proving that laptop you retired/recyled 2 years ago was encrypted, long after the data is out of ConfigMgr).

        Please…

        22 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
        • Where are the MBAM (all versions) Server Configuration Settings after installation?

          How to access the settings that were applied such as MBAM Adv HelpDesk AD group used? Are they kept in the Registry?
          Having to upgrade from previous version to new version makes it difficult to retrieve such settings?
          Is there a way to retrieve the current settings that were applied during the Installation Wizard?

          1 vote
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
          • How does the MBAM Client register into MBAM Webserver/SQL (process flow)?

            Is there a simple diagram or explanation on how the MBAM Client process works in regards to the registration of the Key into SQL server?

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
            • Microsoft BitLocker Administration and Monitoring to automate and assign them to ticketing tool

              s there a way that Microsoft BitLocker Administration and Monitoring console can send those non-compliant systems details to a ticketing tool like Service Now when the systems are non-encrypted or identified. By automating this process, we can track those non-compliant system on a timely manner & remediate solutions as when they appear in servicenow

              5 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
              • Support for later version of Configuration Manager

                MBAM 2.5 SP1 to support newer versions of ConfigMgr. Ideally Build 1610 and integration with future current branch builds in a more timely fashion.

                3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                • What about SQL 2016 server

                  I believe its just matter of repackaging the installer with correct SQL DACFx component. Can we get an update or manual script to make it work please?

                  2 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                  • Force to set pin

                    Currently the window to set the PIN on the client is very small and ignorable. It would be better, if the window to set the PIN would be fullscreen and not closable.

                    12 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                    • Change VBS script in SCCM compliance to PowerShell

                      VBS script in SCCM compliance is really complex and sometimes fails when integration is upgraded. Will be nice, if PowerShell script will be provided as future of scripting also on Windows 10.

                      7 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                      • non-US-keyboard support

                        Add Support for non-us Keyboard layout in MBAM/BitLocker Password preboot Screen.

                        the preboot password authentication sets the keyboard layout to US english, so characters not present on this Keyboard cannot be typed although we can use those for BitLocker password.

                        Please add support for more than one keyboard layout.

                        64 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                        • MBAM Helpdesk - User Login Screen

                          Having a landing page for user login would be great. At the moment, you need to run IE as another user if the logged in user does not have access to the Helpdesk portal.
                          If there was a login screen where you could login to the Helpdesk as another user account, it would provide much better functionality for Support teams needing to perform recovery.

                          10 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                          • Allow a dump of Computer Compliance data to CSV

                            We are trying to find the reasons for our non-compliant machines. Many of them show up in our Enterprise Compliance Report as Non Compliant - No Error. But, when you search a specific machine in the Computer Compliance Report, you see additional information, such as Cipher Strength, etc. We have machines that are encrypted with the wrong cipher strength, (128 bit instead of 256) and we would like a report of which ones have this problem.

                            Unfortunately, it is time consuming to look up each machine one at a time in the Computer Compliance Report. We would like to create…

                            5 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                            • enhance bitlocker so that a user can be prompted with audible tones

                              when to enter the PIN, if its incorrect etc. this would greatly aid visually impaired users.

                              it seems such a simple thing, i'm amazed its not already been added

                              5 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                              • Admin customisable recovery reasons on Self Service Portal

                                Currently, the recovery reasons listed on the self service portal are limited to:

                                - BIOS changed
                                - Operating System files modified
                                - Lost Passphrase

                                If any other reason is added to the RecoveryControl view, it simply translates to "Other" within the database / reports.

                                Could we please have the ability to administratively (replace, or) list additional recovery reasons, at the very least by way of web config?

                                When tackling trending failures sending devices in to recovery, having the ability to filter on additional reasons would help narrow fault resolution.

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                • 83 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                  • Translate new enhanced PINs to US keyboard layout

                                    If a user changes the Bitlocker PIN via MBAM Agent with a non US keyboard he has to enter it in a different manner to unlock the PC.

                                    For example: "security" would be "securitz" on a PC with German keyboard layout.

                                    This causes a lot of problems for the users because they try to enter the German or French version and have to use the recovery key to unlock their workstation.

                                    It would be great if setting and using the PIN would use the same keyboard layout.

                                    55 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      1 comment  ·  Admin →
                                    • UWP and non-GPO applications

                                      Create a UWP app for managed devices like the Surface Hub.

                                      7 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                      • is MBAM 2.5 supported to run on SQL 2012 SP3

                                        is MBAM 2.5 supported to run on SQL 2012 SP3

                                        4 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                        • Generate a QR Code to request the Bitlocker Recoverykey.

                                          It would be a create feature to request the Bitlocker Recovery Key by scanning a QR Code with a mobilphone, instead browse to an URL and enter the 8 first digest. For the Security maybe you can combine it with an multifactor authentication.

                                          26 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                          • Don't see your idea?

                                          Microsoft BitLocker Administration and Monitoring

                                          Feedback and Knowledge Base