I have a powershell script that is supposed to harvest the Bitlocker key of a computer, then use that key to force the computer to backup the key to Active Directory. It works when I run it as an administrator by itself. However, when putting it into Kace it doesn't perform as expected.

The script looks like this:
$result = manage-bde -protectors -get c: -type recoverypassword
$id = $result -match "ID" | Out-String
$id = $id.Substring(10)
$revid = $id -replace "`t|`n|`r",""
$finalid = "$revid"
manage-bde -protectors -adbackup c: -id $finalid

Per the documentation I found here, I set up a kscript to run a batch file that calls the powershell script. I have the batch script running the following command:

powershell.exe -ExecutionPolicy Bypass -File "C:\ProgramData\Dell\KACE\kbots_cache\packages\kbots\127\bitlockerBackup.ps1"

The execution policy on the computer is actually set to unrestricted, so that shouldn't be an issue anyway. Any ideas on why this isn't working?

EDIT: I've updated the code to show my latest iteration, wherein I'm only calling the Powershell program once in the batch file. It still doesn't resolve the problem.

2 Comments   [ - ] Hide Comments


  • Hi pbrandvold, is there a reason for the double powershell.exe command in the begining?
    • The official documentation has it twice. However, I've tried with just calling powershell once and it doesn't help either.
  • Just call it once
Please log in to comment

Community Chosen Answer


That article is odd, I don't know why they hard-code the script dir. I would use "Launch a program"  with these settings:
Directory: $(KACE_SYS_DIR)\WindowsPowerShell\v1.0
File: powershell.exe
Parameters: -nologo -executionpolicy bypass -WindowStyle hidden -file $(KACE_DEPENDENCY_DIR)\bitlockerBackup.ps1
Answered 04/28/2017 by: JasonEgg
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity


Is this for x64 machines? if so try to specify the 64 bit powershell using %SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe

if the KACE agent is running in 32 bit it will run the 32 bit powershell, which has issues dealing with the OS
Answered 05/16/2017 by: HISDTechGuy
Senior Yellow Belt

Please log in to comment