deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/Microsoft/windows-itpro-docs

Browse Source
This commit is contained in:
LizRoss 2017-09-08 12:42:56 -07:00
commit 15908afbe4
2 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
mdop/mbam-v25/release-notes-for-mbam-25-sp1.md
View File

@ -128,6 +128,20 @@ If different encryption strengths are used, MBAM will report the machine as **no
As of HF02, the MBAM Self-Service Portal automatically adds the '-' on Key ID entry.
**Note:** The Server has to be reconfigured for the Javascript to take effect.
### MBAM 2.5 Sp1 Reports does not work / render properly
Reports Page does not render properly when SSRS is hosted on SQL Server 2016 edition. 
For example Browsing to Helpdesk Clicking on Reports  ( Highlighted portion have “x”  on it )
Digging this further with Fiddler it does look like once we click on Reports it calls the SSRS page with HTML 4.0 rendering format.
**Workaround:** Looking at the site.master code and noticed the X-UA mode was dictated as IE8. As IE8 is WAY past the end of life, and customer is using IE11. Update the setting to the below code. This allows the site to utilize IE11 rendering technologies
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
Original setting is:
<meta http-equiv="X-UA-Compatible" content="IE=8" />
This is the reason why the issue was not seen with other browsers like Chrome, Firefox etc.
## Got a suggestion for MBAM?

2
windows/device-security/bitlocker/bitlocker-device-encryption-overview-windows-10.md
View File

@ -66,7 +66,7 @@ Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryp
Unlike a standard BitLocker implementation, BitLocker Device Encryption is enabled automatically so that the device is always protected. The following list outlines how this happens:
* When a clean installation of Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state).
* When a clean installation of Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key (this is the equivalent of standard BitLocker suspended state). In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points.
* If the device is not domain joined, a Microsoft account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to the online Microsoft account, and a TPM protector is created. Should a device require the recovery key, the user will be guided to use an alternate device and navigate to a recovery key access URL to retrieve the recovery key by using his or her Microsoft account credentials.
* If the user uses a domain account to sign in, the clear key is not removed until the user joins the device to a domain and the recovery key is successfully backed up to Active Directory Domain Services (AD DS). You must enable the **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** Group Policy setting, and select the **Do not enable BitLocker until recovery information is stored in AD DS for operating system drives** option. With this configuration, the recovery password is created automatically when the computer joins the domain, and then the recovery key is backed up to AD DS, the TPM protector is created, and the clear key is removed.
* Similar to signing in with a domain account, the clear key is removed when the user logs on to an Azure AD account on the device. As described in the bullet point above, the recovery password is created automatically when the user authenticates to Azure AD. Then, the recovery key is backed up to Azure AD, the TPM protector is created, and the clear key is removed.