How to Install MBAM 2.5 SP1 and integrate with SCCM Configmgr 2012 R2 SP1 – Part 3

 

In Part 2 here of this MBAM 2.5 SP1 multi series, we have installed prerequisites for Windows roles/Features and SQL server components,Permissions to the Database and reports.

In this post (part 3) ,we will see the prerequisites for the Configuration Manager Integration feature with MBAM.

If you do not want to integrate MBAM 2.5 SP1 with your Existing Configuration manager environment,you can skip this part and jump to Part 4 .

My Configuration manager is running on 2012 R2 SP1 (standalone) with SQL server installed on local box.

Before we install the MBAM feature on our Configmgr,verify the account used to install MBAM integration on configmgr has enough permissions on Configmgr .I use the SCCM Admin account (CM_SRV) which is local administrator on configmgr Box.

To enable the client computers to report BitLocker compliance details through the MBAM Configuration Manager reports, you have to edit the Configuration.mof file, whether you are using System Center 2012 Configuration Manager or Configuration Manager 2007.

On the Configmgr server ,Open Configuration.mof from D:\SCCM\Inboxes\clifiles.src\hinv\ (your installation folder might be different) append the content from https://technet.microsoft.com/en-us/library/dn645321.aspx.

we also need to make changes to Hardware Inventory. For this,copy the MOF content from https://technet.microsoft.com/en-us/library/dn656927.aspx  , save it as Inventory.mof ,follow the steps outlined https://technet.microsoft.com/en-us/library/dn656927.aspx.

Note:If you are running CAS+Primary site,you must import the mof to default client settings and then enable the inventory classes in your primary site.Custom settings must always first go to default before you enable them in custom client device settings.Just import the MOF file to default client settings but deselect the classes.Go to your custom client settings and enable there .(if you do not have custom client device settings,you can do so in default settings).

Upon the changes to both configuration.mof and inventory agents, check if your changes are successfully complied or not by looking at dataldr.log on your sccm server.

image

we are done with configmgr prerequisites. Next,we will launch the MBAM server setup to integrate with Configmgr.Mount your downloaded MDOP 2015 ISO and browse to MBAM folder.

Folder: F:\MBAM\MBAM 2.5 SP1\Installers\x64

image 

Click Next

 image     

Accept the license agreement and Click next

    image 

Click Install

   image

Select Run MBAM server Configuration and click Finish

image

Launch the MBAM Server configuration wizard and select add new features.

image

select the last component system center configuration manager integration.

image                  image                image

I am using default Instance (MSSQLSERVER) so I leave it blank. If you are using Named Instance,Please enter it and click next.

image                image                  image

This procedure creates MBAM supported collection,configuration manager baselines and configuration items and deployed to MBAM collection automatically.

image

Configuration Item and Baselines:

image

If you are trying this in lab environment,you must edit the MBAM collection query else you will not see the your clients into this collection .

if you look at the query,it is omitting the VM’s . Just select what I shown below and click delete (x ),click ok.

image

update the collection membership,wait for min until collection is refreshed (hours glass disappear) ,you should be able to see the members in this collection (if you have any workstation clients but not servers).

With this,we are done with MBAM 2.5 SP1 integration with Configuration manager 2012.

In next part (part 4) ,we will see how to install and configure the MBAM components on our MBAM01 server.

Leave a Reply