- Overview
- Realm setup
- Active Directory & SCCM setup.
- Active directory - Security group
- Active directory - Broker account
- SCCM - Deployment collection
- SCCM - Administrative category for applications
- SCCM - Administrative category for office
- SCCM - Limiting collection for collections
- AD - Parent AD group for AD group list
- AD - Staging OU
- SCCM - Configuration directory
- SCCM - WinPE boot image setup
- Configuration tool & File
- Realm secret key
- Allowed WinPE instances
- Network access account
- Notification account
- Hostname formatting
- Automatically identify hostname
- Overrides
- Active directory staging OU
- MBAM Server details
- SMTP server details
- Notification types
- User state migration (USMT)
- Logs and Profiles location
- Disk setup
- Content availability check
- Error adding collection member
- Error adding AD group member
- Wait for Bitlocker decryption
- Approved hardware
- Extension Attributes
- Using sccmtspsi (Operator view)
- Task sequence steps
- Task sequence error codes
- sccmtspsi error codes
4.9.MBAM Server details
Specify your MBAM server address URL. If recovery keys are stored in the MBAM recovery and hardware database, sccmtspsi will use this MBAM server address to automatically unlock locked drives.
MBAM server address should begin with https://.
Note : The realm broker account should have permission to read the recovery password from Microsoft Bitlocker Administration and Monitoring service. Add the realm broker account either to the “Advanced helpdesk users” active directory group or the “MBAM administrators” active directory group.