Wiki source code of Konfigurationsprofile
Last modified by Sabrina V. on 2025/03/11 06:50
Hide last authors
author | version | line-number | content |
---|---|---|---|
![]() |
1.1 | 1 | {{aagon.priorisierung}} |
2 | 160 | ||
3 | {{/aagon.priorisierung}} | ||
4 | |||
5 | {{aagon.floatingbox/}} | ||
6 | |||
![]() |
34.1 | 7 | Configuration Profiles allow you to set BitLocker settings on the client, such as whether to encrypt operating system disks and which key protectors to enable for fixed data drives. |
![]() |
1.1 | 8 | |
![]() |
34.1 | 9 | Two sample default configuration profiles (Clients and Servers) are provided and can be applied in a variety of ways. |
![]() |
1.1 | 10 | |
11 | {{figure}} | ||
![]() |
4.1 | 12 | [[image:64_BitLocker Management_Konfigurationsprofile.png||data-xwiki-image-style-alignment="center"]] |
![]() |
1.1 | 13 | |
14 | {{figureCaption}} | ||
![]() |
34.1 | 15 | Overview of the configuration profiles in BitLocker Management |
![]() |
1.1 | 16 | {{/figureCaption}} |
17 | {{/figure}} | ||
18 | |||
![]() |
34.1 | 19 | In general, configuration profiles can be organised and managed using directories. Each action (adding, editing, deleting and duplicating configuration profiles) requires the appropriate permissions, which can be assigned using the [[User Management>>doc:ACMP.67.ACMP-Solutions.System.Benutzerverwaltung.WebHome||anchor="HGruppenverwalten"]]. |
![]() |
1.1 | 20 | |
![]() |
34.1 | 21 | The configuration profiles are divided into three parts and are defined by Microsoft under the following headings: [[Operating System Drives>>doc:.Konfigurationsprofil-Einstellungen.WebHome||anchor="HOperatingsystemdrives"]], [[Fixed Data Drives>>doc:.Konfigurationsprofil-Einstellungen.WebHome||anchor="HFixeddatadrives"]] and [[Removable Data Drives>>doc:.Konfigurationsprofil-Einstellungen.WebHome||anchor="HRemovabledatadrives"]]. |
![]() |
1.1 | 22 | |
![]() |
34.1 | 23 | = Working with Configuration Profiles = |
![]() |
1.1 | 24 | |
![]() |
34.1 | 25 | == Assigning Configuration Profiles to Clients == |
![]() |
20.1 | 26 | |
![]() |
34.1 | 27 | There are two ways of assigning Configuration Profiles to your Clients: |
![]() |
1.1 | 28 | |
![]() |
34.1 | 29 | **~1. By explicit assignment** |
30 | This assignement is done via a query. To do this, select a required Client, navigate to BitLocker Management in the Query action bar, and click //Assign Configuration Profile//. This will open a dialogue box where you can select the required configuration profile. Within the default configuration, you can overwrite the configuration assignment with a container. If this is not desired you can uncheck this option. Continue the association by clicking on //Execute//. You can view the status of the mapping in the Job Monitor. | ||
![]() |
1.1 | 31 | |
![]() |
34.1 | 32 | **2. Via an automatic container association** |
33 | In the Container plug-in, select a container or create a new one, and then switch to the //BitLocker Management// tab. Then click either //Assign// in the ribbon bar or //Click in the workspace to assign a configuration profile//. Any Client assigned to a Container with a Configuration Profile assignment will automatically receive the Configuration Profile. | ||
![]() |
1.1 | 34 | |
35 | {{aagon.infobox}} | ||
![]() |
34.1 | 36 | Note that only one Configuration Profile can be assigned to each Client! If a Client is assigned to more than one Container, the Client will receive the Configuration Profile from the Container with the highest priority. If you are also using Multi-Tenancy, the Global Containers are assigned above the Client Containers. |
![]() |
1.1 | 37 | {{/aagon.infobox}} |
38 | |||
![]() |
34.1 | 39 | If you want to remove the assignment or make changes to the Configuration Profile, you can also do this from the ribbon bar. |
![]() |
1.1 | 40 | |
41 | {{aagon.infobox}} | ||
![]() |
34.1 | 42 | If a Managed Client is skipped when manually assigning the profile, the minimum requirement will not be met. Please note the[[ requirements>>doc:ACMP.67.ACMP-Solutions.Security.BitLocker Management.WebHome||anchor="HSystemrequirementsforBitLocker"]] for BitLocker management on the clients. |
![]() |
1.1 | 43 | {{/aagon.infobox}} |
44 | |||
![]() |
34.1 | 45 | == **Container behaviour** == |
![]() |
1.1 | 46 | |
![]() |
34.1 | 47 | You can see which containers have been assigned a configuration profile by looking at the BitLocker icon. To do this, navigate to the //Container// plug-in (//Client Management// > //Containers//), where all existing containers are listed. A BitLocker icon will appear in the //Properties// column if a configuration profile has been assigned to that container. |
![]() |
1.1 | 48 | |
![]() |
34.1 | 49 | The BitLocker icon appears in two colours: |
![]() |
1.1 | 50 | |
![]() |
34.1 | 51 | 1. As a blue icon: The container is directly associated with a configuration profile. |
52 | 1. As a grey icon: The container has an inherited association. This means that all child containers inherit the configuration profile of the parent container. | ||
![]() |
1.1 | 53 | |
![]() |
34.1 | 54 | You can undo the inheritance at any time by clicking on //Cancel// in the ribbon bar. If you want to undo the action, click //Restore//. |