Skip to main content

Microsoft BitLocker Administration and Monitoring

Connector name

agtmbam

Connector type

Executable

Type (UI field value)

BitLocker Administration and Monitoring

Connector status / support

Bravura Security-Verified

This connector has been tested and is fully supported by Bravura Security.

Installation / setup

Bravura Security Fabric can also list users and provide a method to obtain a challenge response for BitLocker HDD Encryption using the agtbitlocker connector. The primary difference between agtbitlocker and agtmbam is the setup used for storing recovery keys (Active Directory or the MBAM database). Both connectors offer similar functionality, except that agtmbam accounts are Active Directory accounts so associate simply, while agtbitlocker requires a setup to associate machine IDs with profiles.

The following Bravura Security Fabric operations are supported by this connector (depending on your product license and version):

  • get server information

  • Challenge-response - generate an unlock code to recover control of a machine after reboot

  • List:

    • accounts

For a full list and explanation of each connector operation, see connector operations.

Notes on challenge-response operation

For the challenge response operation, the challenge input field is used to identify which computer the user is trying to retrieve a recovery key for. Users enter the on screen code from their Bitlocker-encrypted machine into Bravura Security Fabric 's Unlock encrypted systems/accounts module, which returns the code they enter to unlock the machine.

The process for agtmbam is:

  1. End user accesses Bravura Pass and choose Unlock encrypted systems/accounts then chooses Bitlocker.

  2. The "Recovery Key ID" must be obtained from the affected device from the Bitlocker Recovery screen.

  3. That "Recovery Key ID" is provided as input to the Unlock encrypted systems/accounts module in Bravura Pass as the challenge code.

  4. The agtmbam connector gets the "Recovery Key" from the MBAM target system then returns it to the user.