MBAM Console

By Rory Monaghan


The MBAM Console is the central control console for managing your Bitlocker deployment and clients. Everything you need to manage can be found here. During the setup of MBAM you set up a web service on your Bitlocker application server. You need to browse to the website for your server e.g. https://BITLOCKERSERVER:80/ Only users who are granted access will be able to use this console please see my other post for details HERE

There are several different levels of reporting available from within the console. The first option is Enterprise Compliance which is a great first stop. It gives you a high level overview of your entire estate. With a Pie Chart informing you right off the bat if something is not compliant.

Above we can see that 26 machines are compliant, 1 is non-compliant. From there you can browse to the drop down box, switch to only show non-compliant machines and you will be provided with both the Computer Name and the Device User (Owner)








Once you have got the one or however many non-compliant machines listed, it’s just a case of clicking on the computer name, this will bring you more details on the machine and the compliance issue e.g.

If you’d like to just look at one machine right away you can just look at the Computer Compliance Report and enter the machine name and hit view report.

The Hardware Audit Report can be used to view the logs for each machine and Firmware type that has been approved for use.

Recovery Audit Report shows an Audit trail of all instances in which a drive recovery took place.


Drive Recovery





When a user gets locked out of their machine and requires a drive recovery this is the screen the Helpdesk will see. They will prompt the user for an 8 digit key which will show up on their screen. Input the Domain and the UserName. They can also select the a reason if known e.g.

Manage TPM

You can use the Manage TPM Pin.

Hardware Approval

The Hardware as mentioned before is used for approving your hardware Make Model and Firmware version for use with the companies BitLocker setup. It allows us to be the gatekeepers for the hardware being used.

Let's make virtualization easier!

Be amongst the first to know when I publish new reviews, guides and tools to simplify your projects.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.

We'll virtualise your 5 most complex apps for FREE