Hi,

I am trying to get 3 custom inventory rules to work but I am having trouble with them not detecting anything and as a result not applying them to the relevant labels which I have created for each one.

Is it a known issue or should I be using a different rule? I have verified that the 3 keys exist in the registry.

Has anyone experienced the same problem?

 

1) RegistryValueEquals(HKEY_LOCAL_MACHINE\SOFTWARE\BitLocker,BitLockerEnabled,True)

2) RegistryValueEquals(HKEY_LOCAL_MACHINE\SOFTWARE\BitLocker,BitLockerEnabled,False)

3) RegistryValueEquals(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP Universal Printing PS (v4.7))

Answer Summary:
Cancel
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Community Chosen Answer

1

Solution:

Dell Kace Agent is a 32 bit application. Hence on a 64 bit OS, to access 64 bit registry hive following would be the change. Append 64 in HKEY_LOCAL_MACHINE

Answered 09/05/2012 by: White Belt
Blue Belt

  • HKLM64 or HKEY_LOCAL_MACHINE64 should work. It might also be in the WOW6432node as well.
  • Thanks jknox, it did :)
  • Also it should be noted that in order to assign machines which have the BitLocker registry keys to a label I have created a computer inventory smart label which detects the software entries.
  • White Belt would you able to paste the command you are having success with? I am so far not able to make this inventory rule work. I also am not finding that key BitLockerEnabled on Win 7 64 registry where BitLocker is active.
    • Hi malathrop,

      1) I run the following bitlocker detect VB script on a laptop specific label which creates or changes an existing registry key based on whether bitlocker is enabled or not on our laptops.
      ------------------------------
      strComputer = "."
      result_status=False

      Set SWBemlocator = CreateObject("WbemScripting.SWbemLocator")

      Set BitLocker = SWBemlocator.ConnectServer(strComputer,"root\CIMV2\security\microsoftvolumeencryption")
      Set BitLockerItems = BitLocker.ExecQuery("Select * from Win32_EncryptableVolume",,48)
      For Each BitLockerItem in BitLockerItems
      result_status=True
      If BitLockerItem.DriveLetter = "C:" And BitLockerItem.ProtectionStatus = 1 Then
      Call BitLocker_On
      Else
      Call BitLocker_Off
      End If
      Next

      If result_status=false Then
      Call BitLocker_Off
      End if

      Sub BitLocker_On

      strComputer = "."
      Const HKEY_LOCAL_MACHINE = &H80000002

      Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
      strComputer & "\root\default:StdRegProv")

      strKeyPath = "SOFTWARE\BitLocker"
      oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath

      strKeyPath = "SOFTWARE\BitLocker"
      strApp = "BitLockerEnabled"
      strAppValue = "True"

      oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue

      strKeyPath = "SOFTWARE\BitLocker"
      strApp1 = "Script Last Run"
      strAppValue1 = Date & " - " & Time

      oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1

      End Sub

      Sub BitLocker_Off

      strComputer = "."
      Const HKEY_LOCAL_MACHINE = &H80000002

      Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
      strComputer & "\root\default:StdRegProv")

      strKeyPath = "SOFTWARE\BitLocker"
      oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath

      strKeyPath = "SOFTWARE\BitLocker"
      strApp = "BitLockerEnabled"
      strAppValue = "False"

      oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue

      strKeyPath = "SOFTWARE\BitLocker"
      strApp1 = "Script Last Run"
      strAppValue1 = Date & " - " & Time

      oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1

      End Sub
      -----------------------

      2) I then run separate software custom inventory rules using the following registry keys which detects these keys and adds them to the relevant label.

      RegistryValueEquals(HKEY_LOCAL_MACHINE64\SOFTWARE\BitLocker,BitLockerEnabled,True)

      RegistryValueEquals(HKEY_LOCAL_MACHINE64\SOFTWARE\BitLocker,BitLockerEnabled,False)
  • Awesome, thanks for the script. I have it as a Managed Install, but had to change the inventory query to
    RegistryValueEquals(HKLM\SOFTWARE\BitLocker,BitLockerEnabled,True) 64 not needed in my case...weird, we are 100% X64...
  • update: I needed to query for HKLM OR HKLM64 in order to inventory - don't know why this is inconsistent. However, thank you for sharing it solved my need. Bravo!
Please log in to comment

Answers

0

Here is an article that I created using custom inventory rules to search and inventory what version of IE is installed.  Maybe you can find it helpful!

http://www.itninja.com/blog/view/kace-custom-inventory-rules-101

Answered 04/16/2013 by: c_brock
Third Degree Brown Belt

Please log in to comment
Answer this question or Comment on this question for clarity