Generate MBAM Reports
Microsoft BitLocker Administration and Monitoring (MBAM) generates various reports to monitor BitLocker encryption usage and compliance. This topic describes how to open the MBAM administration website and how to generate MBAM reports on enterprise compliance, individual computers, hardware compatibility, and key recovery activity. For more information about MBAM reports, see Understanding MBAM Reports.
Note To run the reports, you must be a member of the Report Users role on the computers where you have installed the Administration and Monitoring Server features, Compliance and Audit Database, and Compliance and Audit Reports.
To open the MBAM Administration website
Open a web browser and navigate to the MBAM website. The default URL for the website is http://<computername> of the Microsoft BitLocker Administration and Monitoring server.
Note If the MBAM administration website was installed on a port other than port 80, you must specify that port number in the URL. For example, http://<computername>:<port>. If you specified a Host Name for the MBAM administration website during the installation, the URL would be http://<hostname>.
In the navigation pane, click Reports. In the main pane, click the tab for your report type: Enterprise Compliance Report, Computer Compliance Report, Hardware Audit Report, or Recovery Audit Report.
Note Historical MBAM Client data is retained in the compliance database. This retained data may be needed in case a computer is lost or stolen. When running enterprise reports, you should use appropriate start and end dates to scope the time frames for the reports from one to two weeks to increase the reporting data accuracy.
To generate an enterprise Compliance Report
On the MBAM administration website, click Reports in the navigation pane, then click the Enterprise Compliance Report tab and select the appropriate filters for your report. For the Enterprise Compliance Report, you can set the following filters.
Compliance Status. Use this filter to specify the compliance status types (for example, Compliant or Noncompliant) to include in the report.
Error State. Use this filter to specify the Error State types, such as No Error or Error, to include in the report.
Click View Report to display the specified report.
The report results can be saved in any of several available file formats such as HTML, Microsoft Word, and Microsoft Excel.
Note The Enterprise Compliance report is generated by a SQL job that runs every six hours. Therefore, the first time you try to view the report you may find that some data is missing.
To view information about a computer in the Computer Compliance Report, select the computer name.
Select the plus sign (+) next to the computer name to view information about the volumes on the computer.
To generate the Computer Compliance Report
In the MBAM administration website, select the Report node in the navigation pane, and then select the Computer Compliance Report. Use the Computer Compliance report to search for user name or computer name.
Click View Report to view the computer report.
Results can be saved in any of several available file formats such as HTML, Microsoft Word, and Microsoft Excel.
To display more information about a computer in the Computer Compliance Report, select the computer name.
Select the plus sign (+) next to the computer name to view information about the volumes on the computer.
Note An MBAM Client computer is considered compliant if the computer matches the requirements of the MBAM policy settings or the computer’s hardware model is set to incompatible. Therefore, when you are viewing detailed information about the disk volumes associated with the computer, computers that are exempt from BitLocker encryption due to hardware compatibility can be displayed as compliant even though their drive volume encryption status is displayed as noncompliant.
To generate the Hardware Compatibility Audit Report
From the MBAM administration website, select the Report node from the navigation pane, and then select the Hardware Audit Report. Select the appropriate filters for your Hardware Audit report. The Hardware Audit report offers the following available filters:
User (Domain\User). Specifies the name of the user who made a change.
Change Type. Specifies the type of changes you are looking for.
Start Date. Specifies the Start Date part of the date range that you want to report on.
End Date. Specifies the End Date part of the date range that you want to report on.
Click View Report to view the report.
Results can be saved in several available file formats such as HTML, Microsoft Word, and Microsoft Excel.
To generate the Recovery Key Audit Report
From the MBAM administration website, select the Report node in the navigation pane, and then select the Recovery Audit Report. Select the filters for your Recovery Key Audit report. The available filters for Recovery Key audits are as follows:
Requestor. Specifies the user name of the requestor. The requestor is the person in the help desk who accessed the key on behalf of a user.
Requestee. Specifies the user name of the requestee. The requestee is the person who called the help desk to obtain a recovery key.
Request Result Specifies the request result types, such as: Success or Failed. For example, you may want to view failed key access attempts.
Key Type. Specifies the Key Type, such as: Recovery Key Password or TPM Password Hash.
Start Date. Specifies the Start Date part of the date range.
End Date. Specifies the End Date part of the date range.
Click View Report to display the report.
Results can be saved in several available file formats such as HTML, Microsoft Word, and Microsoft Excel.