Applies ToBitLocker Administration and Monitoring 1.0

Symptoms

When you use the Microsoft BitLocker Administration and Monitoring setup wizard (Mbamsetup.exe) to install Microsoft BitLocker Administration and Monitoring (MBAM), the installation is not completed. Additionally, the following error message is logged in the installation log:

The specified directory service attribute or value does not exist.

Cause

This issue occurs because Mbamsetup.exe uses the local computer account to perform a custom action that creates the necessary local groups and adds domain members to the groups. When the default Active Directory permissions are changed, the computer may not successfully query Active Directory. Therefore, the custom action fails, and the overall MBAM installation fails.

Resolution

Use the MBAMsetup.exe in the MBAM 1.0 Language Release, this release addresses the issue. Information on the language release can be found here: http://onlinehelp.microsoft.com/en-us/mdop/hh921956.aspxMbamsetup.exe from this release performs the custom action in the context of the user who runs the installation to accommodate alternative security configurations. This release was part of the MDOP 2011 R2 language update. MDOP subscribers can download the software at the Microsoft Volume Licensing site (MVLS).

Workaround

To work around the issue, make sure that the computer account on which MBAM is being installed has read and list permissions to Active Directory down to the container where the MBAM service account resides.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

For more information about Microsoft BitLocker Administration and Monitoring, visit the following Microsoft website:

General information about Microsoft BitLocker Administration and MonitoringFor more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.