/build/static/layout/Breadcrumb_cap_w.png

Check if flash drive or external drive are encrypted with bitlocker through kace k1000

I'm trying to create a script to look for external drive that are not encrypted with bitlocker and send a message window telling users to encrypt their drives.
Anyone know if this is doable through Kace K1000?

I know you can send a message window but can't find a way to verify if a machine is using or used an unencrypted drive before sending the message.

Thanks.

0 Comments   [ + ] Show comments

Answers (1)

Posted by: SMal.tmcc 7 years ago
Red Belt
0
you are better off using a GPO to do this

https://technet.microsoft.com/en-us/library/jj679890(v=ws.11).aspx

you can always use gpedit.msc on a machine, set bitlocker rules how you want, then harvest the keys that it sets and use the k1000 to enforce those

Comments:
  • Thanks and sorry for the late reply.

    Unfortunately, GPO is not something I can do because they are managed by our corporate site.

    I checked gpedit.msc but there doesn't seem to be a way to prompt user if they want to encrypt the drive or not when the user insert a removable drive.

    I've been playing with labels in k1000 and was able to put any machine that have an un-encrypted drive into a custom label. A script would run to send a reminder to any machines in that label. This work but it's not always constant since the kace agent only check in every now and then.

    I'm hoping for something that could constantly run and just do a simple reminder when a user plug in an unencrypted drive. I've been playing with vbscript and wmi but no luck so far.

    Anyway, I appreciate your help. - itnoob 7 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ