I think he's just saying that his OSD is MDT integrated not that he's using LTI.
To answer your question as I recall when I set that exact same scenario up you are correct. Just hide the bitlocker page and handle everything in the TS. It works just fine. ________________________________ John Marcum Sr. Desktop Architect Bradley Arant Boult Cummings LLP ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Ratliff Sent: Thursday, August 22, 2013 10:32 AM To: [email protected] Subject: [MDT-OSD] RE: MBAM & MDT+OSD UDI I am definitely not saying it wont work, I even used it myself for a while, but UDI is not recommended as a LTI solution. It is actually supposed to only be used for user driver installations/ZTI. Anything you set in the UDI Wizard has to be mirrored/configured in your CustomSettings.ini as well, just keep that in mind. Daniel Ratliff From: [email protected]<mailto:[email protected]> [mailto:[email protected]]<mailto:[mailto:[email protected]]> On Behalf Of [email protected]<mailto:[email protected]> Sent: Thursday, August 22, 2013 11:26 AM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] MBAM & MDT+OSD UDI Hello All, Using MDT 2012 U1 and CM2012 OSD at our shop with a UDI interface for technicians to deploy images. I've read the "Using MBAM Data Encryption With MDT" PDF from MS and several TechNet threads, blog postings on it etc, but I haven't seen any references to leveraging MBAM in an MDT UDI scenario. I'm hoping someone has experience with this type of deployment. If I'm understanding things correctly, installation and configuration of the MBAM client will cause BitLocker to be enabled and begin encrypting? If so I should be able to: * Omit the BitLocker page from UDI entirely * Create a custom page with a checkbox to install MBAM and enable BitLocker using a new custom OSD variable * Reference that variable in my Task Sequence tied to a conditional group * Install MBAM client within that group, populate the registry with appropriate MBAM settings, restart the service, etc And as the Task Sequence continues, the MBAM client should enable BitLocker, send the recovery key to the SQL DB at that point, and begin drive encryption... sound correct? I'm still trying to wrap my head around some of this, so all insight is appreciated. Thanks in advance, Andrew ________________________________ This e-mail is intended only for the person or entity to whom it is addressed and may contain information that is privileged, confidential, or otherwise protected from disclosure. If you are not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this message is prohibited. If you have received this e-mail in error, please contact the sender immediately and delete the original message and all copies from your system. Statements and representations made in this message are not necessarily that of the Company. The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer.
