I'm trying to create a script to look for external drive that are not encrypted with bitlocker and send a message window telling users to encrypt their drives.
Anyone know if this is doable through Kace K1000?

I know you can send a message window but can't find a way to verify if a machine is using or used an unencrypted drive before sending the message.

Thanks.
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

0
you are better off using a GPO to do this

https://technet.microsoft.com/en-us/library/jj679890(v=ws.11).aspx

you can always use gpedit.msc on a machine, set bitlocker rules how you want, then harvest the keys that it sets and use the k1000 to enforce those
Answered 12/29/2016 by: SMal.tmcc
Red Belt

  • Thanks and sorry for the late reply.

    Unfortunately, GPO is not something I can do because they are managed by our corporate site.

    I checked gpedit.msc but there doesn't seem to be a way to prompt user if they want to encrypt the drive or not when the user insert a removable drive.

    I've been playing with labels in k1000 and was able to put any machine that have an un-encrypted drive into a custom label. A script would run to send a reminder to any machines in that label. This work but it's not always constant since the kace agent only check in every now and then.

    I'm hoping for something that could constantly run and just do a simple reminder when a user plug in an unencrypted drive. I've been playing with vbscript and wmi but no luck so far.

    Anyway, I appreciate your help.
Please log in to comment
Answer this question or Comment on this question for clarity
Admin Script Editor
Admin Script Editor is an integrated scripting environment available free here at ITNinja

Share