Video Screencast Help

Need assistance with an analysis report that I'm writing in Tivoli

Created: 06 Sep 2012 | 5 comments

Hello, I'm trying to find a way to identify that a hard drive has been encrypted via a file or reg entry. I'm writing a report in Tivoli/Bigfix where it will return a True or False result when it locates a file or registry entry showing that the drive has been fully encrypted. Any assistance would be appreciated. Thanks

 

Comments 5 CommentsJump to latest comment

Tom Mc's picture

Not quite what you are looking for, but this Knowledge Base Article may be of help.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Alex_CST's picture

I'm not fully aware of the abilities of Tivoli, but using the command line tool you can get the status of a disk like so:

pgpwde --status --disk 0 > C:\pgpwdestatus.txt

Thatll give you a text file, maybe Tivoli can inspect that text file for a specific string? If the Highwater mark and the sector count are the same, the entire disk is encrypted.

 

You could also use the >> C:\allpgpwdestatus.txt command to have a central text file so its all in one place, but I'm not sure how you'd determine the difference between one computer and another, maybe doing it like > \\networkshare\%computername%.txt would be the best way

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

Mark7777's picture

Thanks for you reply Weevil. My drives don't seem to have either of those text files on them...maybe a different version? I use 10.2. Thanks again!

Alex_CST's picture

no  they are just example files, you can call it anything

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

Mark7777's picture

Awh yes, I haven't used the tool much (as you can tell). I'll give that a try. Thanks!