Microsoft BitLocker Administration and Monitoring

Welcome to the Microsoft BitLocker Administration and Monitoring customer feedback site! Please submit your ideas or vote for one of the current features suggested below. The engineering team is actively monitoring the site and we want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. USB device MBAM client support

    Currenlty MBAM Client 2.5 does not have any activity in encrypting USB sticks, even if Removable Media policies are configured. USB stick encryption must be done manually with OS Bitlocker control, and it will require to print-out the recovery key, since AD recovery is not used because we have MBAM. Printing out Recovery Key is problematic and security risk for end-users.

    15 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    • Client, Server and Setup general improvements.

      I think that a lot of functionalities are lacking in the Client and Server. The work for whoever is implementing MBAM could be greatly simplified by some additions

      Client:
      - 'Status' tab which shows what the client has sent to the MBAM server, how long ago it sent it, if communications are OK to the server in the last x hours.
      - A list of users that have been associated with the computer so that you know who can request the key in the self service site (this is maybe useless, but it might be good for debugging purposes)

      Server: …

      41 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)

        Hi Miguel, It sounds like you want improved diagnostics. Great feedback. Can you provide more information about the challenges with Setup? You mention confusing online instructions, etc. Can you provide some examples?

      • Client Install Dependencies

        We run into issues with Visual Studio Assemblies (Redistribute Package) updates for latest MBAM 2.5 client. In default install is some library blocked by HP Software preinstalled with some drivers. Nice, if some in knowledgabase is written working set of dependencies or some of this type of troubleshooting. Client after run only silenty fail with this scenario.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  Admin →
        • Add Compliance reporting for Bitlocker to Go devices in MBAM.

          Right now, MBAM does not report on compliance for Bitlocker To Go devices. Specifically USB based devices. I am aware of the GPO to set the devices to read only if they are not encrypted, however, reporting on compliance in terms of what IS encrypted/un-encrypted would be helpful for customers that have strict regulatory compliance audits.

          27 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            under review  ·  1 comment  ·  Admin →
          • What about a diagnostic tool for client side troubleshooting ?

            I think that a user friendly tool dedicated to MBAM/Bitlocker more explicit that EventLog or others logfiles can help IT to resolve this cases :
            - Why encryption not start ?
            - My Mbam server is up and ready to escro the key ?
            - Existing GPO/Regedit conflits settings ?
            - Reporting is OK ?
            - etc.

            Regards,
            Jean-Baptiste

            89 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
            • Provide coherent documentation on how to implement MBAM

              The technet documentation is a perfect example of how not to structure knowledge. I've never seen anything more fragmented and incoherent. Half the content is represented by pointers to other content.

              20 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
              • Multi-Client capability

                All companies i have been in the past with BL and MBAM are asking for this to Support different departments inside their AD/Company.
                So department A should not be able to get Keys from department B and so on. This should be solved with one instance of MBAM.

                35 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  under review  ·  1 comment  ·  Admin →
                • 9 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                  • 53 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                    • Self-Service Portal on Extranet

                      My customer doesn’t have 24/7 helpdesk support, so it will be great feature to allow users to get BitLocker Recovery Key without Intranet connection (i.e. supported deployment in DMZ, Extranet, …) with possibility to support strong authentication with or without ADFS.

                      15 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                      • 9 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          1 comment  ·  Admin →
                        • Official supportability for Windows Server

                          Customers should have clear picture of the compliance of all their machines including servers not only laptops and workstations. Also some developers have Windows Server OS on their laptops as primary OS. And finally MBAM agent works on Windows Server if you edit MSI in ORCA editor so why don’t we support it?:)

                          7 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            1 comment  ·  Admin →
                          1 2 3 5 Next →
                          • Don't see your idea?

                          Microsoft BitLocker Administration and Monitoring

                          Feedback and Knowledge Base