Get Bitlocker Status and Decrypt Key
Product Name: Get Bitlocker Status and Decrypt Key
Description : This script will check the status of Bitlocker on the C:\ Drive of the machine and return it's status as well as the decrypt key to a custom field if enabled.
Instructions :
This script requires a custom field to be created called "Bitlocker Status:" with a type of STRING
Edit the script and update Line 2,8,10,16, and 18 with the newly created custom field and save it before running.
Comments
-
Need help with this.
I receive this error:
script summary: Failed THEN in step 2 (Line2)0 -
Hi Noberto, you have to edit the procedure, line 2 you can choose which field to update......now iam stuck in line 3 "Failed Then in step 30
-
Any luck with Failed then in step 3?
0 -
Anyone got any instructions on this, I'm struggling too.
0 -
i had no trouble. followed the instructions, works great.
0 -
Worked beautifully for me. The hardest thing was trying to figure out how to add a custom field into Kaseya, but once I found it (Audit -> Machine Summary -> [New Custom Field]) and added the custom field everything worked flawlessly the first pass. Launched the script on approximately 1100 managed systems and within 5 minutes I had the Bitlocker status and keys for every single desktop/laptop node. Excellent.
1 -
Hello Cliff,
Please tell me, what the interface shows as error (line number and Agent Procedure Log information), and as you recon it's the changed manage-bde command, please also run this command in Powershell "(Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword" on a station of which you know is encrypted with bitlocker and feed me the result of it (keeping in mind to not send any sensitive data, replacing the key with X's for instance)?
Regards,
Onno
0 -
Works great, thank you.
0 -
I got the error on line 3 as well.
I solved it by replacing C:\temp in the script with the Kaseya temp directory variable: #vAgentConfiguration.agentTempDir#
I found the variable file access errors by looking in the Agent Procedure log:
Agent > Agent Logs > Agent Admin Logs tab > Agent sub-tab.I didn't want to have the change C:\temp permissions for all computers like shown below, that why I used the Kaseya system temp directory variable.
1 -
For failure in Step 2, your custom field string has to have the colon. If you look at the script, it looks for the string within the quotes.
Incorrect: Bitlocker Status
Correct: Bitlocker Status:
You can either update your custom field or you can edit the script to remove the colon. I didn't try the latter, but it should work. Kaseya won't show the extra colon in the audit menu so no concern over having a double colon display.
0 -
How can I add a custom field for EncryptionMethod?
0 -
@Arman
Depending on what you are trying to capture you could use powershell to pipe the result you want to a custom field.0 -
(Get-BitLockerVolume -MountPoint C).EncryptionMethod
0 -
It has always worked for me, but now I can't get the key/status and the Bitlocker is really on....also there are no fault codes it just says done.
0 -
I'd like to see a version of this that sets the PIN code, so people know the drive is encrypted.
0 -
please tell me, what the interface shows as error (line number and Agent Procedure Log information), and as you recon it's the changed manage-bde command, please also run this command in Powershell "(Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword" on a station
0 -
please tell me, what the interface shows as error (line number and Agent Procedure Log information), and as you recon it's the changed manage-bde command, please also run this command in Powershell "(Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword" on a station bluestacks download omegle.
0 -
Anyone got any instructions on this, I'm struggling too.
0 -
Could you elaborate the problem? I have it working fine.
0 -
Could you elaborate the problem? I have it working fine.
0 -
Errors out on "THEN" Line 3.
1 -
Works great, after creating the Custom Field (Audit -> Machine Summary -> [New Custom Field]) and updating the location of the temp txt file. I used #vAgentConfiguration.agentTempSecureDir# instead of C:\temp and made sure to update the file location of multiple steps. For some steps, you need to check the command being executed carefully, as the file location might be at the end of the command.
0
