When a user clicks the Postpone button instead of the Encrypt button, can they just keep clicking that and they'll never have to Bitlock their drive? Or will it at some point encrypt the drive? And if there is a time limit, is it configurable? thanks

In MBAM when user clicks the Postpone button, we do not prompt for encryption again until we hit the next client wake up frequency which is 90 minutes by default. Now if you do not wait for 90 minutes, then you will have to modify these keys in registry. On Windows 7 client open registry HKLM\Software\Policies\Microsoft\FVE\MDOPBitLockerManagement Change the ClientWakeUpFrequency = 1 and StatusReportingFrequency=1 2. There is a random delay of up to 90 minutes when MBAM service starts on windows 7 client. If you don’t want random delay, then create a dword value “NoStartupDelay” under HKLM\Software\Microsoft\MBAM and set its value to 1. Restart the MBAM Client Service and then client will talk to server in 1 minute. Now since the user clicked Postpone encryption, you can remove one reg key Delete: HKCU\Software\Microsoft\MBAM Restart the MBAM client service. I hope this helps.Manoj Sehgal

Yes thanks I have been playing with those settings on one of my test clients. But will MBAM allow someone to click the Postpone Encryption button forever, there by never forcing the encryption?

Yes, this is possible. User can click postpone button N number of times and never start encryption on his machine. For this Admins has to view the MBAM reports and you will see this machine as non-compliant and then tell the user to complete the encryption once. Manoj Sehgal

thats what I figured :) thanks!

If this answer your question, then can you mark this thread as closed. ThanksManoj Sehgal

When will the hotfix for this bug be available?

Is there any way you can tell in the MBAM reports the reason the machine is not compliant _ for example, tpm disabled, postpone button , manual decryption? I don't see it anywhere, but that would be good information!Dee Ramon

Duh - i had to wait for the reporting to refresh, yes it does list the status as postponed in the console. Sorry for the dumb questionDee Ramon