Get Drive Encryptions status using WMI

Hello Guys,

I have written a VB script to check if drives are encrypted with bitlocker or not. It gives me "Access Denied" error. I do have required access. The script runs successfully only if it is executed with "Run As Administrator" option. This is making it difficult to pull status of remote systems. Kindly help.

---------------------------------------------------------------------------------------------------------------

strComputer = "10.48.7.150"
SET objWMIService = GetObject("winmgmts:\\" & strComputer & "\Root\CIMV2\Security\MicrosoftVolumeEncryption")
SET objWMIObject = objWMIService.ExecQuery("select * from win32_EncryptableVolume")
For Each drive in objWMIObject
Wscript.Echo "Drive Letter: "& drive.DriveLetter
Wscript.Echo "Protecton Status: "& drive.ProtectionStatus
Next

---------------------------------------------------------------------------------------------------------------

August 21st, 2015 4:38am

You do not need to use RunAs to access remote systems.  Only the local system requires that.  You still must be an administrator to use WMI.

Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 5:22am

Hi JVR,

Thanks for the reply. I got it working. Find below the working script.

strComputer = "10.48.7.150"
SET objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate,authenticationLevel=pktPrivacy}!\\" & strComputer & "\Root\CIMV2\Security\MicrosoftVolumeEncryption")
SET objWMIObject = objWMIService.ExecQuery("select * from win32_EncryptableVolume")
For Each drive in objWMIObject
	result = "Drive Letter: " & drive.DriveLetter & " Protection Status: " & drive.ProtectionStatus
	Wscript.Echo result
Next

August 26th, 2015 7:17am
This one is using powershell. "systems,csv" stores list of hostnames in column "Hostname" 
$final = @()

function getencstatus
{
	param([int]$encstatus)
	$status = switch ($encstatus) {
	0 {"Not Encrypted"; break}
	1 {"Encrypted"; break}
	2 {"Status unknown. Drive may be locked."; break}
	default {"Unknown error occured."; break}
	}
	return $status
}
$systems = Import-CSV .\Systems.csv
$count = $systems.count
$now = 1
foreach($system in $systems)
{
	Write-Host "Processing " $now " of " $count
	if($(get-wmiobject -query "select statuscode from win32_pingstatus where address='$($system.hostname)'").statuscode -eq 0)
	{
		$drives = $(Get-WmiObject -Impersonation Impersonate -Authentication PacketPrivacy -Namespace "Root\CIMV2\Security\MicrosoftVolumeEncryption" -ComputerName $system.hostname -Query "select * from win32_Encryptablevolume")
		foreach ($drive in $drives)
		{
			$temp = New-Object PSObject
			$temp | Add-Member -Type NoteProperty -Name Hostname -Value $system.hostname
			$temp | Add-Member -Type NoteProperty -Name "Drive Letter" -Value $drive.DriveLetter
			$temp | Add-Member -Type NoteProperty -Name Status -Value $(getencstatus($drive.ProtectionStatus))
			$final += $temp
			$temp = $null
		}
	}
	Else
	{
		$temp = New-Object PSObject
		$temp | Add-Member -Type NoteProperty -Name Hostname -Value $system.hostname
		$temp | Add-Member -Type NoteProperty -Name "Drive Letter" -Value "System offline. data cannot be fetched."
		$temp | Add-Member -Type NoteProperty -Name Status -Value "System offline. data cannot be fetched."
		$final += $temp
		$temp = $null
	}
	$now++
}
$final | Export-CSV .\Result.csv -NoTypeInformation
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2015 7:20am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics