MBAM was super simple to setup. Don't need a separate instance, just have to have your DBA buy off on setting the Force Encrypt checkbox. Took me all of an hour or two to setup the entire environment.
-----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Thursday, November 30, 2017 4:45 PM To: ntsysadm <NTSysADM@lists.myitforum.com> Subject: [NTSysADM] Bitlocker - set up and store keys in AD all at once Anyone have a clue on how to do this - without setting up MBAM? AFAICT, there isn't a way to do this, but I'm throwing it out here to see if I'm wrong. MBAM sets my teeth on edge, needing a SQL instance and all that when all I want to do is provision new machines with Bitlocker and get the key set up in AD in one go, and not hassle with writing the key to a file, then running another (logon) script to get the key imported into AD. Kurt