
Bitlocker Keys import

Created: 08 Apr 2013 • Updated: 01 Oct 2013 | 4 comments
This issue has been solved. See solution.

I am working on a script that will pull the BitLocker recovery key for a computer into Altiris.  The script appears to get the information, but it doesn't make it into Altiris.  The GUIDs for the custom data class are correct.  Looking for ideas.  Script posted below.

strComputer = "."
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root/CIMv2/Security/MicrosoftVolumeEncryption")

Set objCIMObj = objWMIService.ExecQuery("select * from Win32_EncryptableVolume",,48)

dim nse
set nse = WScript.CreateObject ("Altiris.AeXNSEvent")

nse.To = "{1592B913-72F3-4C36-91D2-D4EDA21D2F96}"
nse.Priority = 1

dim objDCInstance
set objDCInstance = nse.AddDataClass ("{5ac8ce35-db50-44c2-86c4-84841fcedc94}")

dim objDataClass
set objDataClass = nse.AddDataBlock (objDCInstance)
 
  For Each objItem in objCIMObj
 
Set oShell = WScript.CreateObject("WSCript.shell")
oShell.run"cmd /K manage-bde -protectors -get """ &objitem.driveletter& """ >C:\keys.txt", 0, True

Const ForReading = 1

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("C:\keys.txt", ForReading)

Do Until objFile.AtEndOfStream
    strNextLine = objFile.ReadLine
    If Len(strNextLine) > 0 Then
        strLine = strNextLine
    End If

Loop

objFile.Close

Wscript.Echo strLine

dim objDataRow
set objDataRow = objDataClass.AddRow

objDataRow.SetField 0, objItem.DriveLetter
objDataRow.SetField 1, strLine
Next

nse.SendQueued


fabio.sanches

Could you please post a keys.txt example?

AngelD

Try moving the "dim objDataRow" out of the do loop.

Are you getting any output from the "Wscript.Echo strLine" line?

Lery

I'm sorry to say that I do not know VBScript.  I do know PowerShell, though.  The SMP has two samples, under Notification Server, to enable and disable the PowerShell execution policy.  So you could create a job that first disables the execution policy, runs a PowerShell script, and then enables the default PowerShell execution policy.  Or, if your organization has its own cert store, you could sign the script yourself.

If I'm mistaken, I apologize, but it looks like you're trying to get the content of a file c:\keys.txt?  If you can give me a little more detail, perhaps I can help you using PowerShell?

JAunmc

So I fixed the issue.  It was in the .run line.  It stalled waiting for cmd to exit.  I also added a line to del the keys.txt file when it's done.  I also tested it on computers with multiple drives.  Code posted below:

strComputer = "."
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root/CIMv2/Security/MicrosoftVolumeEncryption")

Set objCIMObj = objWMIService.ExecQuery("select * from Win32_EncryptableVolume",,48)
'Set objCIMObj = objWMIService.ExecQuery("Select * from Win32_EncryptableVolume " & "Where DriveLetter = C:'")

dim nse
set nse = WScript.CreateObject ("Altiris.AeXNSEvent")

nse.To = "{1592B913-72F3-4C36-91D2-D4EDA21D2F96}"
nse.Priority = 1

dim objDCInstance
set objDCInstance = nse.AddDataClass ("{0683de19-a007-4eba-9ad5-32748a52ef14}")

dim objDataClass
set objDataClass = nse.AddDataBlock (objDCInstance)
 
For Each objItem in objCIMObj
 
Set oShell = WScript.CreateObject("WSCript.shell")
oShell.run"cmd /K manage-bde -protectors -get """ &objitem.driveletter& """ >C:\keys.txt & exit",0,True

'Const ForReading = 1

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("C:\keys.txt", 1)

Do Until objFile.AtEndOfStream
    strNextLine = objFile.ReadLine
    If Len(strNextLine) > 0 Then
        strLine = strNextLine
    End If
Loop

objFile.Close

'Wscript.Echo strLine

dim objDataRow
set objDataRow = objDataClass.AddRow

objDataRow.SetField 0, objItem.DriveLetter
objDataRow.SetField 1, strLine
Next

oShell.run"cmd /K del c:\keys.txt & exit",0,True

nse.SendQueued

SOLUTION
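
An alternative to the temp-file approach, added here as an example and not code from any poster in the thread: it reads the recovery password through the GetKeyProtectors and GetKeyProtectorNumericalPassword methods of Win32_EncryptableVolume, so the key is never written to C:\keys.txt and no manage-bde output has to be parsed. The Altiris.AeXNSEvent calls and GUIDs are copied from the thread; the IsRecoveryPassword helper and the rowCount check are assumptions of this example.

```vbscript
Option Explicit
' Added example: KeyProtectorType 3 = numerical (recovery) password
Const KEY_PROTECTOR_NUMERICAL_PASSWORD = 3

Dim objWMIService, colVolumes, objVolume
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\CIMv2\Security\MicrosoftVolumeEncryption")
Set colVolumes = objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume", , 48)

' NSE object, target and data class GUIDs as used in the thread
Dim nse, objDCInstance, objDataClass, objDataRow
Set nse = WScript.CreateObject("Altiris.AeXNSEvent")
nse.To = "{1592B913-72F3-4C36-91D2-D4EDA21D2F96}"
nse.Priority = 1
Set objDCInstance = nse.AddDataClass("{0683de19-a007-4eba-9ad5-32748a52ef14}")
Set objDataClass = nse.AddDataBlock(objDCInstance)

Dim arrIDs, strID, strPassword, rc, rowCount
rowCount = 0
For Each objVolume In colVolumes
    arrIDs = Empty
    ' Out parameter arrIDs receives the IDs of all recovery-password protectors
    rc = objVolume.GetKeyProtectors(KEY_PROTECTOR_NUMERICAL_PASSWORD, arrIDs)
    If rc = 0 And IsArray(arrIDs) Then
        For Each strID In arrIDs
            strPassword = ""
            rc = objVolume.GetKeyProtectorNumericalPassword(strID, strPassword)
            ' Send only values shaped like a 48-digit recovery password
            If rc = 0 And IsRecoveryPassword(strPassword) Then
                Set objDataRow = objDataClass.AddRow
                objDataRow.SetField 0, objVolume.DriveLetter
                objDataRow.SetField 1, strPassword
                rowCount = rowCount + 1
            End If
        Next
    End If
Next

' Skip the event when no volume returned a recovery password
If rowCount > 0 Then nse.SendQueued

' Hypothetical helper: eight groups of six digits separated by hyphens
Function IsRecoveryPassword(strValue)
    Dim re
    Set re = New RegExp
    re.Pattern = "^\d{6}(-\d{6}){7}$"
    IsRecoveryPassword = re.Test(strValue)
End Function
```

A volume with more than one recovery-password protector produces one row per protector, where the thread's script kept only the last non-empty line of the manage-bde output.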