Windows 10 is supported in both MBAM 2.5 and MBAM 2.5 SP1.MBAM 2.5 SP1 adds support for Microsoft SQL Server 2014 SP1, in addition to the same software that is supported in earlier versions of MBAM.Beginning in MBAM 2.5 SP1, a separate MSI is no longer included with the MBAM product.However, you can extract the MSI from the executable file (.exe) that is included with the product.On computers running TPM 1.2, you can now configure MBAM to automatically unlock the TPM in case of a lockout.If the TPM lockout auto reset feature is enabled, MBAM can detect that a user is locked out and then get the Owner Auth password from the MBAM database to automatically unlock the TPM for the user.
MBAM 2.5 SP1 has the following features: MBAM enforces the Bit Locker encryption policy options that you set for your enterprise, monitors the compliance of client computers with those policies, and reports on the encryption status of the enterprise’s and individual’s computers.
Previously, if MBAM did not own the TPM, the TPM Owner Auth could not be escrowed to the MBAM database.
To configure MBAM to own the TPM and to store the passwords, you had to disable TPM auto-provisioning and clear the TPM on the client computer.
In Windows 7, MBAM must own the TPM to automatically escrow TPM Owner Auth information in the MBAM database.
If MBAM does not own the TPM and Active Directory (AD) backup of the TPM is configured through Group Policy, you must use the MBAM Active Directory (AD) Data Import cmdlets to copy TPM Owner Auth from AD into the MBAM database.