Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

How to Get FileVaule Status for Mac into Altiris

Created: 22 Oct 2013 • Updated: 22 Oct 2013
Language Translations
JAunmc's picture
0 0 Votes
Login to vote

First you need to have the agent installed. (Might post an article on how to simplify that)

Then you need to create a scheduled software package or recurring task using the script below.  Some of this script is borrowed from one I found and edited to work with altiris.

. `aex-helper info path -s INVENTORY`/lib/helpers/custominv_inc.sh
#
# Sample script for custom inventory
# The first line of code should be always included at the begin of the script
# Actual script for collecting inventory data begins after the following label:
# SCRIPT_BEGINS_HERE
#!/bin/sh
echo Filevault2Status
echo "Delimiters=\"%\" "
echo string256
echo FileVault_Status

CORESTORAGESTATUS="/private/tmp/corestorage.txt"
ENCRYPTSTATUS="/private/tmp/encrypt_status.txt"
ENCRYPTDIRECTION="/private/tmp/encrypt_direction.txt"

# Get number of CoreStorage devices. The egrep pattern used later in the script
# uses this information to only report on the first encrypted drive, which should
# be the boot drive.
#
# Credit to Mike Osterman for identifying this problem in the original version of
# the script and finding a fix for it.
#

DEVICE_COUNT=`diskutil cs list | grep -E "^CoreStorage logical volume groups" | awk '{print $5}' | sed -e's/(//'`

EGREP_STRING=""
if [ "$DEVICE_COUNT" != "1" ]; then
  EGREP_STRING="^\| *"
fi

osversionlong=`sw_vers -productVersion`
osvers=${osversionlong:3:1}
CONTEXT=`diskutil cs list | grep -E "$EGREP_STRING\Encryption Context" | sed -e's/\|//' | awk '{print $3}'`
ENCRYPTIONEXTENTS=`diskutil cs list | grep -E "$EGREP_STRING\Has Encrypted Extents" | sed -e's/\|//' | awk '{print $4}'`
ENCRYPTION=`diskutil cs list | grep -E "$EGREP_STRING\Encryption Type" | sed -e's/\|//' | awk '{print $3}'`
CONVERTED=`diskutil cs list | grep -E "$EGREP_STRING\Size \(Converted\)" | sed -e's/\|//' | awk '{print $5, $6}'`
SIZE=`diskutil cs list | grep -E "$EGREP_STRING\Size \(Total\)" | sed -e's/\|//' | awk '{print $5, $6}'`

# Checks to see if the OS on the Mac is 10.7 or 10.8.
# If it is not, the following message is displayed without quotes:
# "FileVault 2 Encryption Not Available For This Version Of Mac OS X"

if [[ ${osvers} -lt 7 ]]; then
  var='FileVault 2 Encryption Not Available For This Version Of Mac OS X'
  echo $var
fi

if [[ ${osvers} -ge 7 ]]; then
  diskutil cs list >> $CORESTORAGESTATUS
 
    # If the Mac is running 10.7 or 10.8, but does not have
    # any CoreStorage volumes, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Not Enabled"
   
    if grep -iE 'No CoreStorage' $CORESTORAGESTATUS 1>/dev/null; then
       var='FileVault 2 Encryption Not Enabled'
       echo $var
    fi
   
    # If the Mac is running 10.7 or 10.8 and has CoreStorage volumes,
    # the script then checks to see if the machine is encrypted,
    # encrypting, or decrypting.
    #
    # If encrypted, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Complete"
    #
    # If encrypting, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Proceeding."
    # How much has been encrypted of of the total
    # amount of space is also displayed. If the
    # amount of encryption is for some reason not
    # known, the following message is
    # displayed without quotes:
    # "FileVault 2 Encryption Status Unknown. Please check."
    #
    # If decrypting, the following message is
    # displayed without quotes:
    # "FileVault 2 Decryption Proceeding"
    # How much has been decrypted of of the total
    # amount of space is also displayed
    #
    # If fully decrypted, the following message is
    # displayed without quotes:
    # "FileVault 2 Decryption Complete"
    #

    if grep -iE 'Logical Volume Family' $CORESTORAGESTATUS 1>/dev/null; then

    # This section does 10.7-specific checking of the Mac's
    # FileVault 2 status

      if [ "$CONTEXT" = "Present" ]; then
        if [ "$ENCRYPTION" = "AES-XTS" ]; then
       diskutil cs list | grep -E "$EGREP_STRING\Conversion Status" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTSTATUS
      if grep -iE 'Complete' $ENCRYPTSTATUS 1>/dev/null; then
       var='FileVault 2 Encryption Complete'
                       echo $var
            else
        if  grep -iE 'Converting' $ENCRYPTSTATUS 1>/dev/null; then
          diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
            if grep -iE 'Forward' $ENCRYPTDIRECTION 1>/dev/null; then
             var="FileVault 2 Encryption Proceeding $CONVERTED of $SIZE Encrypted"
                              echo $var
                  else
              var='FileVault 2 Encryption Status Unknown. Please check.'
                              echo $var
               fi
               fi
             fi
        else
            if [ "$ENCRYPTION" = "None" ]; then
              diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
                if grep -iE 'Backward' $ENCRYPTDIRECTION 1>/dev/null; then
                  var="FileVault 2 Decryption Proceeding. $CONVERTED of $SIZE Decrypted"
                  echo $var
                elif grep -iE '-none-' $ENCRYPTDIRECTION 1>/dev/null; then
                  var='FileVault 2 Decryption Completed'
                  echo $var
                fi
            fi
        fi
      fi 
fi
fi
    # This section does 10.8-specific checking of the Mac's
    # FileVault 2 status

      if [ "$ENCRYPTIONEXTENTS" = "Yes" ]; then
        if [ "$ENCRYPTION" = "AES-XTS" ]; then
       diskutil cs list | grep -E "$EGREP_STRING\Fully Secure" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTSTATUS
      if grep -iE 'Yes' $ENCRYPTSTATUS 1>/dev/null; then
        var='FileVault 2 Encryption Complete'
                        echo $var
            else
        if  grep -iE 'No' $ENCRYPTSTATUS 1>/dev/null; then
          diskutil cs list | grep -E "$EGREP_STRING\Conversion Direction" | sed -e's/\|//' | awk '{print $3}' >> $ENCRYPTDIRECTION
            if grep -iE 'forward' $ENCRYPTDIRECTION 1>/dev/null; then
              var="FileVault 2 Encryption Proceeding. $CONVERTED of $SIZE Encrypted"
                              echo $var
                  else
            if grep -iE 'backward' $ENCRYPTDIRECTION 1>/dev/null; then
                       var="FileVault 2 Decryption Proceeding. $CONVERTED of $SIZE Decrypted"
                       echo $var
                          elif grep -iE '-none-' $ENCRYPTDIRECTION 1>/dev/null; then
                            var='FileVault 2 Decryption Completed'
                            echo $var
               fi
                  fi
               fi
            fi 
         fi
       fi
      if [ "$ENCRYPTIONEXTENTS" = "No" ]; then
        var='FileVault 2 Encryption Not Enabled'
                        echo $var
      fi

# Remove the temp files created during the script

if [ -f /private/tmp/corestorage.txt ]; then
   rm /private/tmp/corestorage.txt
fi

if [ -f /private/tmp/encrypt_status.txt ]; then
   rm /private/tmp/encrypt_status.txt
fi

if [ -f /private/tmp/encrypt_direction.txt ]; then
   rm /private/tmp/encrypt_direction.txt
fi