I have deployed MBAM in my test environment and all works fine. The question what I have is this, I rolled out the MBAM policies by using PolicyDefinitions to role out ADMX Templates/files. Is this the correct way to do it? Regards, Vik Singh

GPO for MBAM are configured using admx templates only. Best way is to configure GPO from using GPMC and link to the OU where all MBAM clients are. MBAM Technical Documents: Planning Guide: http://onlinehelp.microsoft.com/en-us/mdop/hh285653.aspx Deployment Guide: http://onlinehelp.microsoft.com/en-us/mdop/hh285644.aspx Operations Guide: http://onlinehelp.microsoft.com/en-us/mdop/hh285664.aspx Troubleshooting MBAM: http://onlinehelp.microsoft.com/en-us/mdop/hh352745.aspxManoj Sehgal

Thanks Manoj. 2 Questions!! 1. If you are saying that the method I followed is correct, then what is the benefit of the Group Policy Role in MBAM Installation - Is it just a way to retrieve the admx files? 2. When all the policies are deployed correctly and the agent is installed, the client will popup with the enable BitLocker MBAM wizard automatically after the time specified in the GPO? Correct? Is event viewer the best way to find why the client wizard did not automatically prompt the user to enable BitLocker? Regards, Vik Singh

1. If you are saying that the method I followed is correct, then what is the benefit of the Group Policy Role in MBAM Installation - Is it just a way to retrieve the admx files? Yes, correct. Group Policy role only gives you admx and adml files for MBAM. 2. When all the policies are deployed correctly and the agent is installed, the client will popup with the enable BitLocker MBAM wizard automatically after the time specified in the GPO? Correct? Is event viewer the best way to find why the client wizard did not automatically prompt the user to enable BitLocker? Your understanding is correct. Keep in mind, we do not show MBAM UI prompt on a RDP session. You have to be on the console to see the MBAM Ui prompt.Manoj Sehgal

Thanks Manoj.Regards, Vik Singh

I have installed the MBAM Server, configured the GPO, created an OU and applied the GPO to the OU and installed the client to the machines in the OU. I verified that the GPO was applied to the machine by using GPRESULT. Yet, the machine does not Automatically prompt the user to Enable BitLocker. The BitLocker client was installed to an existing Win7 Ent. machine. Could someone please help me understand what I need to do to automatically prompt the user to Enable BitLocker? Thank you. - Tivo

Check the event logs on the machine - MDOP MBAM is the event folder (If I remember correctly)regards, Vik Singh