Regardless of what password policy i set in the MBAM group policies, if i require encryption for fixed drives (Partition D for example), the mbam wizard allways asks me to set a password for it, even though i set the fixed drive password policy to "not require" and "auto unlock". i can even go into the bitlocker applet in control panel and remove the password after encryption starts. How can i encrypt both C: and D: without asking for a password for D?

Hi, I think password is necessary when encrypting the hard drive via Bitlocker for security. I cannot find a method to encrypt the hard drive without setting password. Best Practices for BitLocker in Windows 7 http://technet.microsoft.com/en-us/library/dd875532(WS.10).aspx Niki TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Niki Han TechNet Community Support

In MBAM by design, it is mandatory to supply a password for fixed drives. You can encrypt, OS drive automatically by using TPM only, so that we don't prompt the user for a PIN. Configure the MBAM GPOs for TPM only. Manoj Sehgal

I have the exact same problem! But you can avoid using a password in another way: Set the following policy to "disabled" Computer Configuration > Administrative Templates > Windows Components > MDOP MBAM > BitLocker Management > Fixed Drive > Configure use of passwords for fixed data drives You can now encrypt the fixed drive through BitLocker Drive Encryption in the Control Panel without using a password. You just have to tick the Automatically unlock this drive on this computer checkbox manually. The “funny” thing is that the description for the above policy is says "If you disable this policy setting, the user is not allowed to use a password.". Why does this work for the build-in Bitlocker Setup and not for the MBAM Client UI witch the policy is made to?! I'm going through the last tests before deploying MBAM to 300 clients, but this last thing that I need to solve. The deployment needs to be as automated as possible. Anyone who knows how to get the MBAM Client UI to accept the policy i mentioned above?

Hi, I am currently standing by for an update from you and would like to know how things are going. If you have any feedback, please let us know. Niki TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here. Niki Han TechNet Community Support

As I said earlier, MBAM by design, requires a password to be entered for fixed data drives. If you do not use MBAM, original bitlocker will allow you to encrypt the drives using auto-unlock. Also if you do this, MBAM complaince reports will not report your fixed drives as encrypted since MBAM requires password as a protector. One thing you can do is: For deployment, you can use auto-unlock with orginal bitlocker GPOs. Once done enable MBAM GPO, which will only prompt the user to supply a password for data drives. In this way you accomplish your goal for deployment and also get correct MBAM reporting for your data drives. Manoj Sehgal

Hi, As this thread has been quiet for a while, I assume the issue has been resolved. At this time, we will mark it as "Answered" as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish. BTW, we'd love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts. Niki TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here. Niki Han TechNet Community Support

Hi, MBAM agent requires password for fixed data drive by design. If you set the policy "Configure use of passwords for fixed data drives" to disabled, MBAM agent will refuse to encrypt fixed data drive. In this case, MBAM eventlog registers the following error: 0x8031006a, "policy settings don't allow password creation" !

Hi, Just a question about this fixed drive password, in what type of situation I can have to enter this password ? Thanks