HI, we provision with MECM, we successfully use the Microsoft script in the Task sequences - -RecoveryServiceEndpoint https://mbam.whitman.edu/MBAMRecoveryandHardwareService/CoreService.svc and the task sequence always completes and reports no errror. I perform a quick check on the device and get the Recovery Key ID and go to the Bitlocker Admin page and input into field and returns correct data.
But we have some computers we provisioned a few months ago or a year and we test the Recovery Key ID that I get from the computer and the Key and bitlocker recovery has changed so it fails to find it in the database. I went to the database and searched on the computer name and find it but they no longer match. It seems the device key and Drive Recovery Key changed but no record was changed in database when something occurred on the device and modified the key.
When I use to use AD to store mbam recoverykeyid and the keys changed on device you will see several line items for the recovery information. Any ideas? thanks, Kevin
But we have some computers we provisioned a few months ago or a year and we test the Recovery Key ID that I get from the computer and the Key and bitlocker recovery has changed so it fails to find it in the database. I went to the database and searched on the computer name and find it but they no longer match. It seems the device key and Drive Recovery Key changed but no record was changed in database when something occurred on the device and modified the key.
When I use to use AD to store mbam recoverykeyid and the keys changed on device you will see several line items for the recovery information. Any ideas? thanks, Kevin