This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

bitlocker - conversion status / volumestatus

grandfinalemike
Engaged Sweeper

‎02-02-2017 02:11 PM

Is there a way to scan and capture the 'Conversion Status' or 'volumestatus' of a harddrive. I know that in the win32_encryptablevolume, the protection status is captured. But, we have found that with new surface devices, the drive comes encrypted, but not enabled. So the conversion status will show 'encrypted' but the protection status will show "protection off". When using a different drive encryption method other than bitlocker, gathering this information would be very helpful without having to log onto each device to get this information.

thanks
Labels:
0 Kudos
1 REPLY 1
SouthySuper
Engaged Sweeper III

‎03-29-2017 03:21 PM

This is the report I built for getting the "status on"
We have a GPO that points to a network share and the GPO creates this registry entry:
Registry key scan: SOFTWARE\Policies\Microsoft\FVE, valuename=DefaultRecoveryFolderPath
Which ADUC uses that same location to display the recovery key

Determining if the recovery key is actually stored there from lansweeper is rather difficult as those are priveledged attributes not normally visible from ADUC (unless you change the schema)

As far as the bitlocker encryption process there is a wmi call but i'm unable to find the MS link at the moment




Select Top 1000000 tsysAssetTypes.AssetTypeIcon16 As icon,
tblAssets.AssetID,
tblAssets.AssetName,
tblEncryptableVolume.DriveLetter,
Case When tblEncryptableVolume.ProtectionStatus = 0 Then 'OFF'
When tblEncryptableVolume.ProtectionStatus = 1 Then 'ON' Else 'UNKNOWN'
End As BitLockStatus,
tblEncryptableVolume.LastChanged,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
tblAssets.IPAddress,
tblAssets.Description,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblAssetCustom.Location,
tsysIPLocations.IPLocation,
tsysOS.OSname As OS,
tblAssets.SP As SP,
tblAssets.Firstseen,
tblAssets.Lastseen
From tblEncryptableVolume
Inner Join tblAssets On tblEncryptableVolume.AssetId = tblAssets.AssetID
Inner Join tsysAssetTypes On tblAssets.Assettype = tsysAssetTypes.AssetType
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join tsysIPLocations On tblAssets.LocationID = tsysIPLocations.LocationID
Where tblEncryptableVolume.ProtectionStatus = 1 And tblAssets.Assettype = -1
Order By tblAssets.AssetName
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now