Bitlock windows 1 772x408

Get Bitlocker Status and Decrypt Key

Bitlocker Status & Key Retrieval

Description

This script will check the status of Bitlocker on the C:\ Drive of the machine and return it's status as well as the decrypt key to a custom field if enabled.

Developer
  • Name: Jay Jansen
  • Company: Thrive Networks
  • Website: http://www.thrivenetworks.com
  • Contact Developer
  • Summary
  • Get Bitlocker Status and Decrypt Key
  • 648 Downloads
  • Version:
  • Released on May 9th, 2018
  • Reviews
    Gravatar for Matthew Sheehan
    by Matthew Sheehan on October 11th, 2019

    This was an excellent and easy to use procedure. It seemed to work well for me and I now have a quick way to asses clients for this information.

    Gravatar for Dan Neuwirth
    by Dan Neuwirth on September 21st, 2018

    Worked beautifully for me. The hardest thing was trying to figure out how to add a custom field into Kaseya, but once I found it (Audit -> Machine Summary -> [New Custom Field]) and added the custom field everything worked flawlessly the first pass. Launched the script on approximately 1100 managed systems and within 5 minutes I had the Bitlocker status and keys for every single desktop/laptop node. Excellent. Now we no longer have to track all my client's nodes BitLocker keys in separate files for each client.

    Discussion
    Gravatar for Norberto
    Norberto about 2 years ago

    Need help with this.

    I receive this error:

    script summary: Failed THEN in step 2 (Line2)

    Gravatar for Oliver Heymanns
    Oliver Heymanns about 2 years ago

    Hi Noberto, you have to edit the procedure, line 2 you can choose which field to update......now iam stuck in line 3 "Failed Then in step 3

    Gravatar for Wynema Ware
    Wynema Ware almost 2 years ago

    Any luck with Failed then in step 3?

    Gravatar for Craig Dean
    Craig Dean almost 2 years ago

    Anyone got any instructions on this, I'm struggling too. 

    Gravatar for John Rutkowski
    John Rutkowski over 1 year ago

    i had no trouble. followed the instructions, works great.

    Gravatar for Dan Neuwirth
    Dan Neuwirth over 1 year ago

    Worked beautifully for me.  The hardest thing was trying to figure out how to add a custom field into Kaseya, but once I found it (Audit -> Machine Summary -> [New Custom Field]) and added the custom field everything worked flawlessly the first pass.  Launched the script on approximately 1100 managed systems and within 5 minutes I had the Bitlocker status and keys for every single desktop/laptop node.  Excellent.

    Gravatar for Onno de Vries
    Onno de Vries over 1 year ago

    Hello Cliff,

    Please tell me, what the interface shows as error (line number and Agent Procedure Log information),  and as you recon it's the changed manage-bde command, please also run this command in Powershell "(Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword" on a station of which you know is encrypted with bitlocker and feed me the result of it (keeping in mind to not send any sensitive data, replacing the key with X's for instance)?

    Regards,

    Onno

    Gravatar for Dusty Frey
    Dusty Frey 11 months ago

    Works great, thank you.

    Gravatar for KaseyaUser
    KaseyaUser 9 months ago

    I got the error on line 3 as well.  

    I solved it by replacing C:\temp in the script with the Kaseya temp directory variable: #vAgentConfiguration.agentTempDir#

    I found the variable file access errors by looking in the Agent Procedure log:
    Agent > Agent Logs > Agent Admin Logs tab > Agent sub-tab.

    I didn't want to have the change C:\temp permissions for all computers like shown below, that why I used the Kaseya system temp directory variable.

    https://helpdesk.kaseya.com/hc/en-gb/articles/229038408-Why-is-the-Agent-Set-Credential-test-having-troubleshooting-failures-


    Gravatar for Rey Marquez
    Rey Marquez about 2 months ago

    For failure in Step 2, your custom field string has to have the colon. If you look at the script, it looks for the string within the quotes.

    Incorrect: Bitlocker Status

    Correct: Bitlocker Status:

    You can either update your custom field or you can edit the script to remove the colon. I didn't try the latter, but it should work. Kaseya won't show the extra colon in the audit menu so no concern over having a double colon display.