Et Script jeg har brugt for at se om Bitlocker er enabled på en Windows 7 maskine, og derefter sætter jeg en registry key, som kan bruges i et andet system, der ikke selv kan kigge i WMI direkte.
Write-Host "Getting the bitlocker info from local WMI"
$BTstatus = GWMI -Class Win32_EncryptableVolume -Namespace ROOT\cimv2\Security\MicrosoftVolumeEncryption | WHERE {$_.Driveletter -eq "C:"} | SELECT ProtectionStatus
$RegData = "HKLM:\Software\net-help"
IF(!(Test-Path $RegData))
{
New-Item -Path $RegData -Force
}
if (!$BTstatus)
{
Write-Host "no bitlocker, Setting Registry Flag"
Set-ItemProperty -Path $RegData -Name 'BitlockerEnabled' -Value 0 -Type Dword -force
Start-sleep 10
exit 998
}
else
{
switch ($BTstatus.ProtectionStatus)
{
0 {Write-Host "Bitlocker is disabled, doooing nothing.... somthing wrong...."; Set-ItemProperty -Path $RegData -Name 'BitlockerEnabled' -Value 0 -Type Dword -force ; exit 999 }
1 {Write-Host "Bitlocker is enabled, changing locals "; Set-ItemProperty -Path $RegData -Name 'BitlockerEnabled' -Value 1 -Type Dword -force ; Start-sleep 10 ; exit 0 }
default {Write-Host "Unknown bitlocker status, doooing nothing.... somthing wrong...."; Set-ItemProperty -Path $RegData -Name 'BitlockerEnabled' -Value 0 -Type Dword -force ; exit 999}
}
}