Help with CIR Bitlocker Key
Hello,
I am trying to get bitlocker encryption keys added to the inventory records. I've read a lot of posts on this which has gotten me pretty far but I seem to be missing some step of the process still. Here is what I have:
I have the Software item in the catalog created. Here it is:
And then I have the distribution set up. Here it is:
The distribution is working successfully, but nothing shows up in the CIR still. What am I missing? Thanks!
2 Comments
[ + ] Show comments
Answers (3)
Please log in to answer
Posted by:
KevinG
4 years ago
Posted by:
Hobbsy
4 years ago
Try it without the speechmarks, so:
ShellCommandTextReturn(cmd.exe /c %windir%\sysnative\manage-bde.exe -protectors -get c:)
Comments:
-
Hi Hobbsy,
I've tried it without the quotes, no change. Here is the output using psexec to run kdeploy -custominventory. First without quotes, then with quotes. It looks like maybe the system is not recognizing the command I'm issuing. I got the command from this other ITNinja post:
http://www.itninja.com/blog/view/use-kace-to-store-and-retrieve-bitlocker-recovery-keys
[2020-05-05.15:06:47][KDeploy:CDeployController::Execu] rule ID [206121] : issuing rule [ShellCommandTextReturn(cmd.exe /c \%windir%\sysnative\manage-bde.exe -protectors -get c:\);]
[2020-05-05.15:06:47][KLanch_client:KLaunchClient::Lau] KLaunchClient::Launch()
[2020-05-05.15:06:47][KLanch_client:KLaunchClient::Dum] Launch State: Command="cmd.exe /c \%windir%\sysnative\manage-bde.exe -protectors -get c:\" WorkingDir="" Timeout=3600000 ShouldDetach=0 ShowWindow=0 Redirect_stdout=1 Redirect_stderr=0 Desktop=winsta0\default Using Wait_Override=0
[2020-05-05.15:06:47][KLanch_client:KLaunchUtils::Does] DoesTokenHaveLSAPriviledges returning: 0
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::Launch() DoesCurrentProcessHaveLSAPriviledges = false
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::LaunchNoSession()
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::SetupStartInfo *Don't CreateStdPipe StdIn Pipe (disabled)
[2020-05-05.15:06:47][KLanch_client:KLaunchUtils::Buil] BuildCommandPath: Did not find cmd.exe /c \C:\WINDOWS\sysnative\manage-bde.exe -protectors -get c:\ under searchPath='C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Airtame;C:\Program Files (x86)\Sennheiser\SoftphoneSDK\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\adminhammondj\AppData\Local\Microsoft\WindowsApps' tempPath=''
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::LaunchNoSession - CreateProcess returned successfully
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::ReadStdPipe End of ReadStdPipe method
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::Wait WaitForSingleObject failed: status 0, ExitCode 1
[2020-05-05.15:06:47][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::ProcessResults - End
[2020-05-05.15:06:47][KDeploy:CDeployController::Execu] rule [206121] statement result: "", FALSE
[2020-05-05.15:06:47][KDeploy:CDeployController::RunCu] KDeploy finished processing 2 custominventory rules, sending response
[2020-05-05.15:06:47][KDeploy:CDeployController::RunCu] KDeploy sending response: [;196978:]
-----------------------------
[2020-05-05.16:48:58][KDeploy:CDeployController::Execu] rule ID [206121] : issuing rule [ShellCommandTextReturn(cmd.exe /c \"%windir%\sysnative\manage-bde.exe -protectors -get c:\");]
[2020-05-05.16:48:58][KLanch_client:KLaunchClient::Lau] KLaunchClient::Launch()
[2020-05-05.16:48:58][KLanch_client:KLaunchClient::Dum] Launch State: Command="cmd.exe /c \"%windir%\sysnative\manage-bde.exe -protectors -get c:\"" WorkingDir="" Timeout=3600000 ShouldDetach=0 ShowWindow=0 Redirect_stdout=1 Redirect_stderr=0 Desktop=winsta0\default Using Wait_Override=0
[2020-05-05.16:48:58][KLanch_client:KLaunchUtils::Does] DoesTokenHaveLSAPriviledges returning: 0
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::Launch() DoesCurrentProcessHaveLSAPriviledges = false
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::LaunchNoSession()
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::SetupStartInfo *Don't CreateStdPipe StdIn Pipe (disabled)
[2020-05-05.16:48:58][KLanch_client:KLaunchUtils::Buil] BuildCommandPath: Did not find cmd.exe /c \"C:\WINDOWS\sysnative\manage-bde.exe -protectors -get c:\" under searchPath='C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Airtame;C:\Program Files (x86)\Sennheiser\SoftphoneSDK\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\adminhammondj\AppData\Local\Microsoft\WindowsApps' tempPath=''
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::LaunchNoSession - CreateProcess returned successfully
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::ReadStdPipe End of ReadStdPipe method
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::Wait WaitForSingleObject failed: status 0, ExitCode 1
[2020-05-05.16:48:58][KLanch_client:KLaunchClientImpl:] KLaunchClientImpl::ProcessResults - End
[2020-05-05.16:48:58][KDeploy:CDeployController::Execu] rule [206121] statement result: "", FALSE
[2020-05-05.16:48:58][KDeploy:CDeployController::RunCu] KDeploy finished processing 2 custominventory rules, sending response
[2020-05-05.16:48:58][KDeploy:CDeployController::RunCu] KDeploy sending response: [;196978:] - hammondj 4 years ago
Posted by:
hammondj
4 years ago
C:\WINDOWS\system32>manage-bde -protectors C: -get
BitLocker Drive Encryption: Configuration Tool version 10.0.18362
Copyright (C) 2013 Microsoft Corporation. All rights reserved.
Volume C: []
All Key Protectors
TPM:
ID: {REMOVED FOR SECURITY}
PCR Validation Profile:
7, 11
(Uses Secure Boot for integrity validation)
Numerical Password:
ID: {REMOVED FOR SECURITY}
Password:
REMOVED FOR SECURITY
C:\WINDOWS\system32> - hammondj 4 years ago