Question : Restricting Access to BitLocker Management

I've gone through and configured group policy for my domain so it backs up BitLocker recovery keys to AD and enforces select policies, but I've run into an issue. (ETA: Windows 7 machines)

Most of my people who have laptops are local administrators on their machines. Local admins can disable BitLocker. Any ideas how I could restrict access to the BitLocker management interface to users who are local admins (but not domain admins)? I didn't see anything in group policy that could accomplish this. Thanks!

Answer : Restricting Access to BitLocker Management

This can be done easily with these two steps
1. Configure a GPO to remove the Bitlocker Icon from Control Panel.
2. Configure Application Control Policies (Applocker) to block manage-bde.exe.

You can follow the detail instruction on the link below

http://blogs.technet.com/b/askcore/archive/2010/08/13/how-to-prevent-local-administrator-from-turning-off-bitlocker.aspx

Random Solutions

Error:Arithmetic overflow error converting varchar to data type numeric.

Major help is needed customizing the Windows 7 default user profile

ISA denying with blank rule

User's Web-Based AOL Mail is sending spam to all his contacts

delete text from column B that exists in column A - Excel

Cisco PIX 506E configuration for VPN pass through

Database on a 64 bit OS - Conection issues

Caml Query on Item versiion History

Exchange 2010 Domain Prep

the object is not accessible because is a friend