I was wondering how the Bitlocker Compliance pulls it’s information? I am getting fluctuating numbers for machines reporting keys stored in our MBAM server, yesterday a collection reported 666 machines with keys in MBAM and today that number is down to 664. What are the conditions of the query that is run that would make these numbers change?
Also an unrelated question, has anyone encountered an issue where performing an operation with RCT will crash SCCM and in doing so would change/modify settings or options of a deployment that was being set up/interacted with when it crashed? More specifically if a deployment was set to a collection, but while using RCT to evaluate that collection to pick u the deployment SCCM crashed and the collection that was deployed to changed to a different more general collection, like the root “All Systems” collection.
It sounds like you are referring to the left pie chart in the BitLocker Compliance Dashboard. It is simply querying the MBAM Recovery and Hardware database to find computers with one or more recovery keys stored. If one or more keys are found that can be linked to a computer, it shows as having a key in MBAM.
As for the second issue you mentioned, I would be curious to know what you are running in Right Click Tools that causes the console to crash. If you are experiencing that behavior, it is likely a bug that needs to be fixed. However, we have zero tools that actually touch deployments themselves. It is possible that there is a bug in Configuration Manager itself that could maybe revert a targeted collection on crash if the deployment was in the middle of being modified. That being said, if you could submit a support case with more information, we would love to take a look and get that crash issue fixed.
Something to note, that dashboards starts by pulling in machines from an AD domain, or selected filtered ou. If a machine does not exist in that domain or OU, whether or not it has a key in MBAM won’t matter. It won’t show in the dashboard.