WinBatch® Technical Support Forum

Hi

How can I get the Bitlocker status for a list of machines ?


I tried this WMI script, but just for a local computer.


strComputer = "."
objWMIService = GetObject("winmgmts:\\" : strComputer : "\root\CIMV2\Security\MicrosoftVolumeEncryption")

colItems = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume",,48)
ForEach objInstance In colItems
   ; Check for object.
   If !objInstance Then Continue
    If ObjectTypeGet(objInstance) == "EMPTY" Then Continue

   ; Compose the Bitlocker status and display same.
   If objInstance.ProtectionStatus == 0
      strStatus = "PROTECTION OFF"
   Endif
   If objInstance.ProtectionStatus == 1
      strStatus = "PROTECTION ON"
   EndIf

   Message("Drive: ":objInstance.DriveLetter, "Encryption status: ":strStatus)
Next

Simply specify the computername of the remote system in the strComputer variable in your script.

; Load Appropriate Extender
AddExtender('wwwnt34i.dll',0,'wwwnt64i.dll')
servers = wntResources("", 2, 1, 1)
strComputer = AskItemlist("Available servers", servers, @TAB,@SORTED,@SINGLE)

when I specified the computer name in the  :

strComputer = "XXXComputer"
objWMIService = GetObject("winmgmts:\\" : strComputer : "\root\CIMV2\Security\MicrosoftVolumeEncryption")

colItems = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume",,48)
ForEach objInstance In colItems
   ; Check for object.
   If !objInstance Then Continue
    If ObjectTypeGet(objInstance) == "EMPTY" Then Continue

   ; Compose the Bitlocker status and display same.
   If objInstance.ProtectionStatus == 0
      strStatus = "PROTECTION OFF"
   Endif
   If objInstance.ProtectionStatus == 1
      strStatus = "PROTECTION ON"
   EndIf

   Message("Drive: ":objInstance.DriveLetter, "Encryption status: ":strStatus)
Next


I received an error on line 5 "colItems = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume",,48)"

1261 : OLE:exception

Try clicking on the "more error info" button on the 1261 error dialog. Note: you must have access to this system using WMI: http://techsupt.winbatch.com/webcgi/webbatch.exe?techsupt/tsleft.web+WinBatch/WMI+!WMI~Security!.txt

Hi Deana

IÃ,´m a Domain Admin for the computers...

There are any way to pass User and Password in WMI just in case ?

Like this WMI script :

strUser = "xxxx"
strPassword = "xxxx"
Locator = ObjectOpen("WbemScripting.SWbemLocator")
Service = Locator.ConnectServer(servidor,"root/cimv2",strUser,strPassword)
Security = Service.Security_
Security.ImpersonationLevel = 3
Privs = Security.Privileges
Privs.AddAsString("SeSecurityPrivilege");<<<<< Sets security privilege
LogSet = Service.InstancesOf("Win32_Product")

;-------------------------------------------------------------
; Query principal

LogSet = Service.ExecQuery("Select * From Win32_Product")

This script works fine.

I think you must use the connect server method in order to specify user id and password:
http://msdn.microsoft.com/en-us/library/aa393720(v=vs.85).aspx


Reference: Executing Privileged Operations: http://msdn.microsoft.com/en-us/library/aa390428(v=vs.85).aspx

objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate,(Security)}!\\" : strComputer : "\root\CIMV2\Security\MicrosoftVolumeEncryption")

Still access denied...  IÃ,´m looking for another way...

Thanks Deana.

The ConnectServer method is the only method I am aware of. Anyone else?

Any reason why you cannot use the ConnectServer method?

According to the class documentation, MicrosoftVolumeEncryption requires that  "Connection encryption must be able to connect to the provider." That would suggest that you need to add something like "authenticationLevel=pktPrivacy" someplace. 

Untried but as a follow-up

objLocator.Security_.AuthenticationLevel = 6 ;WbemAuthenticationLevelPktPrivacy = 6


How can I use this code to test ? (sorry.. IÃ,´m a new Winbatch user...)

Quote from: luciotorres on October 16, 2013, 04:42:13 AM
How can I use this code to test ? (sorry.. IÃ,´m a new Winbatch user...)

Undebugged sample:

strComputer = "CMP111"
strUser = ""
strPswd = ""
objSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
objWMIService = objSWbemLocator.ConnectServer(strComputer, "\root\cimv2\security\microsoftvolumeencryption", strUser, strPswd )
objSecurity = objWMIService.Security_
objSecurity.ImpersonationLevel = 3
objSecurity.AuthenticationLevel = 6 ;WbemAuthenticationLevelPktPrivacy = 6
colItems = objWMIService.ExecQuery ("Select * from Win32_EncryptableVolume")
ForEach objInstance In colItems
   ; Check for object.
   If !objInstance Then Continue
    If ObjectTypeGet(objInstance) == "EMPTY" Then Continue

   ; Compose the Bitlocker status and display same.
   If objInstance.ProtectionStatus == 0
      strStatus = "PROTECTION OFF"
   Endif
   If objInstance.ProtectionStatus == 1
      strStatus = "PROTECTION ON"
   EndIf
   Message("Drive: ":objInstance.DriveLetter, "Encryption status: ":strStatus)
Next

Exit

Perfect Deana !

Now I can get the remote information about bitlocker !

Thank you for your help.

:D