Hi all,
I've been given the task of implementing AD based bitlocker. We will initially be targeting laptops and eventually move onto desktops.
After reading through the below MS doco, my initial plan is to install:
1. The BitLocker Drive Encryption feature on my new Win Server 2019 DC
2. The BitLocker Network Unlock/WDS and MBAM on a separate existing Win Server 2016
Do you think this is ok or can anyone give me a recommended structure? I feel the doco is not complete and missing a few important information/steps.
Any help would be great.
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server
Thanks.