Bitlock windows 1 772x408

Get Bitlocker Status and Decrypt Key

Bitlocker Status & Key Retrieval

Description

This script will check the status of Bitlocker on the C:\ Drive of the machine and return it's status as well as the decrypt key to a custom field if enabled.

Developer
  • Name: Jay Jansen
  • Company: Thrive Networks
  • Website: http://www.thrivenetworks.com
  • Contact Developer
  • Summary
  • Get Bitlocker Status and Decrypt Key
  • 427 Downloads
  • Version:
  • Released on May 9th, 2018
  • Reviews
    Gravatar for Dan Neuwirth
    by Dan Neuwirth on September 21st, 2018

    Worked beautifully for me. The hardest thing was trying to figure out how to add a custom field into Kaseya, but once I found it (Audit -> Machine Summary -> [New Custom Field]) and added the custom field everything worked flawlessly the first pass. Launched the script on approximately 1100 managed systems and within 5 minutes I had the Bitlocker status and keys for every single desktop/laptop node. Excellent. Now we no longer have to track all my client's nodes BitLocker keys in separate files for each client.

    Discussion
    Gravatar for Norberto
    Norberto over 1 year ago

    Need help with this.

    I receive this error:

    script summary: Failed THEN in step 2 (Line2)

    Gravatar for Oliver Heymanns
    Oliver Heymanns over 1 year ago

    Hi Noberto, you have to edit the procedure, line 2 you can choose which field to update......now iam stuck in line 3 "Failed Then in step 3

    Gravatar for Wynema Ware
    Wynema Ware about 1 year ago

    Any luck with Failed then in step 3?

    Gravatar for Cliff Peterson
    Cliff Peterson about 1 year ago

    There are five (5) updateSystemInfo() commands that need updated.  Lines 2, 8, 10,16, and 18.  Put the Custom Field name that you created in the " ".  The Custom Field should be of the String type.

    Gravatar for Craig Dean
    Craig Dean about 1 year ago

    Anyone got any instructions on this, I'm struggling too. 

    Gravatar for Cliff Peterson
    Cliff Peterson about 1 year ago

    Create the Custom Field and then modify those lines I referenced with that name as well.  That's all I did and it seems to be working fine.  Not sure I like the idea of dumping the key to a txt file, copying the key, and then deleting the text file.  But it's working.  I may try to modify it some when time allows.

    Gravatar for John Rutkowski
    John Rutkowski about 1 year ago

    i had no trouble. followed the instructions, works great.

    Gravatar for Dan Neuwirth
    Dan Neuwirth 12 months ago

    Worked beautifully for me.  The hardest thing was trying to figure out how to add a custom field into Kaseya, but once I found it (Audit -> Machine Summary -> [New Custom Field]) and added the custom field everything worked flawlessly the first pass.  Launched the script on approximately 1100 managed systems and within 5 minutes I had the Bitlocker status and keys for every single desktop/laptop node.  Excellent.

    Gravatar for Cliff Peterson
    Cliff Peterson 9 months ago

    Is this script no longer functional now that the output of the manage-bde command has changed?

    Gravatar for Onno de Vries
    Onno de Vries 9 months ago

    Hello Cliff,

    Please tell me, what the interface shows as error (line number and Agent Procedure Log information),  and as you recon it's the changed manage-bde command, please also run this command in Powershell "(Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword" on a station of which you know is encrypted with bitlocker and feed me the result of it (keeping in mind to not send any sensitive data, replacing the key with X's for instance)?

    Regards,

    Onno

    Gravatar for Dusty Frey
    Dusty Frey about 2 months ago

    Works great, thank you.

    Gravatar for KaseyaUser
    KaseyaUser 8 days ago

    I got the error on line 3 as well.  

    I solved it by replacing C:\temp in the script with the Kaseya temp directory variable: #vAgentConfiguration.agentTempDir#

    I found the variable file access errors by looking in the Agent Procedure log:
    Agent > Agent Logs > Agent Admin Logs tab > Agent sub-tab.

    I didn't want to have the change C:\temp permissions for all computers like shown below, that why I used the Kaseya system temp directory variable.

    https://helpdesk.kaseya.com/hc/en-gb/articles/229038408-Why-is-the-Agent-Set-Credential-test-having-troubleshooting-failures-