Let’s find out how to get Installed BitLocker MBAM Agent Details Using SCCM Query. You can create a query that will fetch the list of machines in which “MDOP MBAM” is installed with a software version.
The SCCM (ConfigMgr) Bitlocker management provides full BitLocker lifecycle management similar to MBAM (Microsoft BitLocker Administration and Monitoring). Configuration Manager BitLocker management uses the MDOP MBAM client in the background.
Traditionally, the organizations were using the MBAM to manage Bitlocker Recovery keys with Active Directory integration. Many of them are already migrated to the SCCM BitLocker solution.
The client-side event logs for SCCM BitLocker management are the same as MBAM. It would help if you looked into the same place to get more details on SCCM BitLocker troubleshooting scenarios. There are SCCM BitLocker management reports available to help with the first level of troubleshooting.
You can also use SCCM CMPivot for reviewing MBAM event logs. The CMPivot can collect the details from event logs from Online Clients. If the SCCM clients are offline, then you won’t be able to get the event log details from those clients.
- CMPivot Query for SCCM BitLocker Management Event Logs
- Get SCCM BitLocker Recovery Key using Console Extension | PowerShell Script
- SCCM Collection Based On Installed Application Version
Get Installed BitLocker MBAM Agent Details Using SCCM Query
The following steps help you to create queries to get Installed Bitlocker MBAM Agent Details Using SCCM Query –
In the Configuration Manager console, select Monitoring. Select Queries, Right-click on Queries, and choose Create Query.
On the General tab of the Create Query Wizard, specify a unique name and, optionally, a comment for the query.
Select Show Query Language to enter or edit the query directly in WMI Query Language (WQL).
In the Query Language, Copy and paste the following WMI Query Language (WQL) and Click OK –
The following are WQL queries that will help you to filter down to more specific installed software in your environment. For Example: Microsoft Desktop Optimization Pack (MDOP) MBAM
select SMS_R_System.NetbiosName, SMS_R_System.ADSiteName, SMS_G_System_INSTALLED_SOFTWARE.ARPDisplayName, SMS_G_System_INSTALLED_SOFTWARE.ProductName, SMS_G_System_INSTALLED_SOFTWARE.ProductVersion, SMS_R_System.OperatingSystemNameandVersion from SMS_R_System inner join SMS_G_System_INSTALLED_SOFTWARE on SMS_G_System_INSTALLED_SOFTWARE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_INSTALLED_SOFTWARE.ARPDisplayName like "MDOP MBAM"
On the next screen of Query Settings, Click Next. On the Summary page, review the details and Click Next to confirm the settings.
The task “Create Query Wizard” completed successfully. Click Close to finish the wizard.
Results – Installed MDOP MBAM Application In System
Once you completed the wizard. The new query appears in the Queries node in the Monitoring workspace. Right-click on the query and select Run, Or you can also double-click on the query to run.
Here you can see the results for System with Bitlocker MBAM Agent installed displays information with Installed Software Application and Version in the device.
About Author – Jitesh, Microsoft MVP, has over five years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.