User Tools

Site Tools


scripts:powershell

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
scripts:powershell [2018/09/06 21:48]
joew
scripts:powershell [2018/09/09 21:26] (current)
joew
Line 128: Line 128:
 Remove-Item D:​\mush\Disk_Utilization.scr Remove-Item D:​\mush\Disk_Utilization.scr
 </​code>​ </​code>​
 +===== Get Bitlocker Status =====
  
 +<code powershell>​
 +function Get-BitlockerStatus {
 +    Param($ComputerName = $null)
 +    ​
 +    $Computer_Array = @()
 +    if ($ComputerName -eq $null) {
 +        $Computers = Get-ADComputer -Filter '​OperatingSystem -eq "​Windows 10 Pro"'​ -SearchBase "​OU=Mobiles,​OU=SITE,​OU=US,​DC=americas,​DC=ad,​DC=COMPANY,​DC=com"​ -Properties Name | sort Name | select -expand Name
 +    } else {
 +        $Computers = $ComputerName
 +    }
 +
 + $TotalComputers = $Computers.Count
 + $Position = 1
 +
 +    Foreach ($Computer in $Computers) {
 + Write-Progress -Activity "​Checking Bitlocker Status"​ -Status "​Processing $Computer ($Position of $TotalComputers)"​ -PercentComplete (($Position/​$TotalComputers) * 100) -ErrorAction SilentlyContinue
 +
 +        $OU = (((Get-AdComputer $Computer -properties DistinguishedName).DistinguishedName).Substring(15)).Split(","​)[0]
 +
 +        $CO = @()
 +        $CO = New-Object PSObject  ​
 +        $CO | Add-Member -Name '​ComputerName'​ -MemberType NoteProperty -Value $Computer
 +
 +        if (Test-Connection -ComputerName $Computer -Count 1 -Quiet) {
 + $ComputerIP = [System.Net.Dns]::​GetHostAddresses($Computer).IpAddressToString
 + $ComputerHost = [System.Net.Dns]::​GetHostbyAddress($ComputerIP).hostname
 + if (($ComputerIP -match "​10.118."​) -or ($ComputerHost -contains $Computer)) {
 +
 + $Bitlocker_String = manage-bde.exe -status -cn $Computer c:
 + $Status = ($Bitlocker_String | Select-String -Pattern '​Conversion Status'​).ToString()
 + $CO | Add-Member -Name '​Status'​ -MemberType NoteProperty -Value (($Status.Trim()).Substring(18)).Trim()
 + $Percentage = ($Bitlocker_String | Select-String -Pattern '​Percentage Encrypted'​).ToString()
 + $CO | Add-Member -Name '​Percentage'​ -MemberType NoteProperty -Value (($Percentage.Trim()).SubString(22)).Trim()
 + if (Get-WmiObject -ComputerName $Computer -Class Win32_Product -Filter "​Name='​McAfee Management of Native Encryption'"​) {
 + $CO | Add-Member -Name '​McAfeeEncryption'​ -MemberType NoteProperty -Value "​Installed"​
 + } else {
 + $CO | Add-Member -Name '​McAfeeEncryption'​ -MemberType NoteProperty -Value "Not Installed"​
 + }
 +                $TPM_Status = Get-WMIObject -computer $Computer –class Win32_Tpm –Namespace root\cimv2\Security\MicrosoftTpm | Select IsActivated_InitialValue,​IsEnabled_InitialValue,​IsOwned_InitialValue,​PhysicalPresenceVersionInfo,​SpecVersion
 +                $CO | Add-Member -Name '​TPM_Activation'​ -MemberType NoteProperty -Value $TPM_Status.IsActivated_InitialValue
 +                $CO | Add-Member -Name '​TPM_Enabled'​ -MemberType NoteProperty -Value $TPM_Status.IsEnabled_InitialValue
 +                $CO | Add-Member -Name '​TPM_Owned'​ -MemberType NoteProperty -Value $TPM_Status.IsOwned_InitialValue
 +                $CO | Add-Member -Name '​TPM_Spec'​ -MemberType NoteProperty -Value $TPM_Status.SpecVersion
 +                $CO | Add-Member -Name '​TPM_Version'​ -MemberType NoteProperty -Value $TPM_Status.PhysicalPresenceVersionInfo
 + $DriveLetter = "​C:"​
 + $BitLocker = Get-WmiObject -Computer $Computer -Namespace "​Root\cimv2\Security\MicrosoftVolumeEncryption"​ -Class "​Win32_EncryptableVolume"​ -Filter "​DriveLetter = '​$DriveLetter'"​
 + $ProtectorIds = $BitLocker.GetKeyProtectors("​0"​).volumekeyprotectorID ​      
 + $return = @()
 +
 + foreach ($ProtectorID in $ProtectorIds){
 +
 + $KeyProtectorType = $BitLocker.GetKeyProtectorType($ProtectorID).KeyProtectorType
 +
 + $keyType = ""​
 +
 + switch($KeyProtectorType){
 +
 + "​0"​{$Keytype = "​Unknown or other protector type";​break}
 +
 + "​1"​{$Keytype = "​Trusted Platform Module (TPM)";​break}
 +
 + "​2"​{$Keytype = "​External key";​break}
 +
 + "​3"​{$Keytype = "​Numerical password";​break}
 +
 + "​4"​{$Keytype = "TPM And PIN";​break}
 +
 + "​5"​{$Keytype = "TPM And Startup Key";​break}
 +
 + "​6"​{$Keytype = "TPM And PIN And Startup Key";​break}
 +
 + "​7"​{$Keytype = "​Public Key";​break}
 +
 + "​8"​{$Keytype = "​Passphrase";​break}
 +
 + "​9"​{$Keytype = "TPM Certificate";​break}
 +
 + "​10"​{$Keytype = "​CryptoAPI Next Generation (CNG) Protector";​break}
 +
 + }#​endSwitch
 +
 + $Key_Protectors += ($Keytype + " - ")
 +
 + }#​EndForeach
 +                $Key_Protectors = $Key_Protectors.TrimEnd("​ - ")
 + $CO | Add-Member -Name '​Key_Protectors'​ -MemberType NoteProperty -Value $Key_Protectors
 + }
 +
 +        } else {
 +            $CO | Add-Member -Name '​Status'​ -MemberType NoteProperty -Value "​Offline"​
 +            $CO | Add-Member -Name '​Percentage'​ -MemberType NoteProperty -Value "​Offline"​
 + $CO | Add-Member -Name '​McAfeeEncryption'​ -MemberType NoteProperty -Value "​Offline"​
 +            $CO | Add-Member -Name '​TPM_Activation'​ -MemberType NoteProperty -Value "​Offline"​
 +            $CO | Add-Member -Name '​TPM_Enabled'​ -MemberType NoteProperty -Value "​Offline"​
 +            $CO | Add-Member -Name '​TPM_Owned'​ -MemberType NoteProperty -Value "​Offline"​
 +            $CO | Add-Member -Name '​TPM_Spec'​ -MemberType NoteProperty -Value "​Offline"​
 +            $CO | Add-Member -Name '​TPM_Version'​ -MemberType NoteProperty -Value "​Offline"​
 + $CO | Add-Member -Name '​Key_Protectors'​ -MemberType NoteProperty -Value "​Offline"​
 +        }
 +
 +        $CO | Add-Member -Name '​OU'​ -MemberType NoteProperty -Value $OU
 +
 +        $Computer_Array += $CO
 +
 +        $Bitlocker_String = $null
 +        $Status = $null
 +        $Percentage = $null
 +        $CO = $null
 +        $OU = $null
 +        $TPM_Status = $null
 + $Key_Protectors = $null
 + $Position++
 +    }
 +    $Computer_Array | Sort OU,​Status,​ComputerName | ft -AutoSize
 +}
 +</​code>​
scripts/powershell.txt · Last modified: 2018/09/09 21:26 by joew