Hi The main reason for installing SQL enterrprise when using MBAM is so the recovery keys for bitlocker can be stored securely in the recovery database and i belive its the enterprise/(datcentre) feature of TDE that allows this. If security is not a issue and a client is happy to store the recovory keys in AD is it possible to install MBAM and therefore SQL standard so the other 2 databases mbam requires compliance and audit can be stored in sql standard. If MBAM is configured to store the revovery keys in AD rather than the recovry database doesn't his make the recovory database redundnat and negates the requiremnet for sql enterprise/datacentre . As the cost of enterprise/datacentre is a lot more than standard thats why the client woudl rather go for a lower cost option -the reporting features of mbam and its managebility is more importnat than secuuring recovory keys. The users who would have access to the recovory keys in AD are trusted so the data in AD is considered secure enough and thats the alternative way to recover keys if required. Is there anyway to install to install MBAM without SQL Enterprise or Datacenter, i know its possible to use sql developer but that would not be supportable in a live envirommet or do microsoft provide support for SQL devloper in a live enviromnet if its used in conjuction with MBAM?? Hope this is the right forum as most bitlocker questions are in the windows 7 forum and its the secuirty feature i.e storage of recovery keys securely so raised in the in the windows 7 security forum . Apoligies if considered as wrong forum

Hi, thank you for posting here. To answer your question: No. Please see here http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/c347511a-b59a-48de-a1aa-7f6944b9e018/ So even you could trick the install wizard you would always have the supportability question. Hope that helps, Lutz

i think i may have found a answer to my query in this article http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/cf3eed69-978f-493f-a0c1-b94e1a21aa0f. As the datbase and recovery feature is a option that can be selected or deslected during installation along with these features compliance and audit database installtaiom compliance and audit reports Administratrion and monitoring server it appears it is possible to install MBAM without sql enterprise if the recovory and hardware database feature is not slected during install, however the recovory keys need to be stored somewere and when configuring group policys in mbam its possible to store these keys in AD (with its percieved security issues). By not having the recovry feature you are making it slightly hard to recovor keys instead of gettting the keys through the nice MBAM interface the unfreindly command line driven bitlocker recovory tool can be used.

i think i may have found a answer to my query in this article http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/cf3eed69-978f-493f-a0c1-b94e1a21aa0f. As the datbase and recovery feature is a option that can be selected or deslected during installation along with these features compliance and audit database installtaiom compliance and audit reports Administratrion and monitoring server it appears it is possible to install MBAM without sql enterprise if the recovory and hardware database feature is not slected during install, however the recovory keys need to be stored somewere and when configuring group policys in mbam its possible to store these keys in AD (with its percieved security issues). By not having the recovry feature you are making it slightly hard to recovor keys instead of gettting the keys through the nice MBAM interface the unfreindly command line driven bitlocker recovory tool can be used.

You are absolutely right on this. Sorry I missed this detail in my first response.