Hello,

Following this blog:

http://blogs.technet.com/b/deploymentguys/archive/2012/02/20/using-mbam-to-start-bitlocker-encryption-in-a-task-sequence.aspx

I have followed the above blog to get MBAM to encrypt during the MDT TS. I have a task created to create 2 partitions, One that is 350 MB, no drive letter assigned and then 100% of the remaining drive and set the variable OSDrive on it. I have tried this 2 ways:

• Copied the 2xReg Files to the scripts folder and used the command

cscript %deploymentroot%\Scripts\StartMBAMEncryption.wsf /AddRegFile:AddMBAMRegEntries.reg /RemoveRegFile:RemoveMBAMRegEntries.reg   /WaitForEncryption:true

• Created a package per the instructions

Neither method works. I check the registry and see that the registry has been modified as well as checking that the service is running and that the MBAM logs are updating. Manage-Bde -status shows the drive "Fully decrypted" and eventually the task sequence just times out.

I have read other blogs on this and have not come to a reason that this is failing to encrypt the drive during MDT OSD. Does anyone know of any other blogs for MBAM with SCCM 2012 R2 CU4 + MDT 2013?

• Edited by RCCMG 11 hours 53 minutes ago

Is there anything in the MBAM event logs?