Jun 21 2017 08:29 AM
Is Bitlocker supported on virtual servers? We would like to implement virtual domain controllers and understand that Bitlocker cannot be used on Server 2012 R@ virtual machines. Is it supported on Server 2016 virtual machines?
Jun 21 2017 08:33 AM
SolutionYes, however there is a challange which is that MBAM doesn't support servers yet. Without MBAM you can still use BitLocker but it won't be as manageable as some customers would like. You won't get reporting or self service recovery. Some customers feel these capabilities are primarily for client OS. We tend to agree but we plan to add such functionality in the future. Based on priorities it won't happen any time soon.
-Chris
Jun 21 2017 08:35 AM
So without MBAM support, what are the options for server encryption recovery? Manually capture the recovery key and store in key safe?
Jun 21 2017 08:48 AM
Jun 21 2017 08:49 AM
Just asking the question to see what the options are without MBAM.
Dec 04 2019 05:24 AM
@Michael Brunker you can store your Bitlocker keys, for your servers, in Active Directory. In can be done by utilizing the Bitlocker GPO and applying it to the respective OU where the computer resides.
Jun 21 2017 08:33 AM
SolutionYes, however there is a challange which is that MBAM doesn't support servers yet. Without MBAM you can still use BitLocker but it won't be as manageable as some customers would like. You won't get reporting or self service recovery. Some customers feel these capabilities are primarily for client OS. We tend to agree but we plan to add such functionality in the future. Based on priorities it won't happen any time soon.
-Chris