Verifying MECM Managed Encryption

The following information is intended for use by IT support staff. Not all of the information and features in this section will be available to users.

1. Once Dell Enterprise Encryption has been removed from the computer, MECM will install the Microsoft Desktop Optimization Pack (MDOP) Microsoft BitLocker Administration and Monitoring (MBAM) program seen here in the control panel Programs and Features list. 
2. This program will take over the Encryption Policy and Escrow of the BitLocker recovery keys.
3. Please note that this could take some time for the policy to become effective on an endpoint.
4. The best way to ensure everything is working correctly is to check for the above software and by running: manage-bde -protectors C: -get  from an administrative CMD prompt to view the recovery ID and Password.
5. You can then access the following Self Service Recovery portal and check that the password has been escrowed       **You may need to request access to these portals **
   • https://hsc-sccm01.hsc.net.ou.edu/SelfService for HSC Endpoints (for now)
   • https://ou-sccm01.net.ou.edu/SelfService for Sooner Endpoints ​​​​​​​ ​​​​​​​
6. If you have issues with a 403 ERROR, please try accessing the site from VDI.
7. If you still run into issues, you may need to have your account added to the BitLocker Recovery Group by opening a ticket with Security Operations.