Endpoint Encryption

  • 1.  Programmatically detect when decryption is done?

    Posted Mar 29, 2013 08:59 PM

    Hi all

    I am trying to decrypt a PGP 10.x encrypted drive on an XP machine as a part of an OS deployment with SCCM 2012 (non bootable media process). I can start the process by running

    PGPwde.exe --decrypt --passphrase "passphrase" --disk 0 --dedicated-mode

    which works fine. What I cannot find is a way to detect when the process is done, so I can reboot. The PGPwde.exe process runs only until the actual decryption starts. Is there any hidden command line to run the reboot post decryption? Any other suggestions how to efficiently do this?

    Thank you.

     

     



  • 2.  RE: Programmatically detect when decryption is done?

    Posted Apr 03, 2013 04:31 AM

    If you know scripting you can just run shutdown.exe /r on the next line; it'll then run the shutdown.exe /r once the PGPwde.exe command has completed, i.e. when decryption is done.



  • 3.  RE: Programmatically detect when decryption is done?

    Posted Apr 03, 2013 08:28 AM

    I solved this with scripting

    ' *****************************************************************************
    '
    ' Decrypt a PGP drive prior of ZTI Deployment.
    ' We need to check the status of the decryption process before we continue
    ' this can be done by generating a status file and periodically check it
    ' the first script starts decryption and writes the first status file
    ' this will be script # 1,
    ' <><><><><><><>
    ' // Set objFSO = CreateObject("Scripting.FileSystemObject")
    ' // Set wshShell = WScript.CreateObject ("WSCript.shell")
    ' // Set objFSO = CreateObject("Scripting.FileSystemObject")
    ' // Decrypt = "c:\progra~1\pgpcor~1\pgpdes~1\PGPwde.exe --decrypt --passphrase ""0611Champs"" --disk 0 --dedicated-mode"
    ' // Status = "CMD /c c:\progra~1\pgpcor~1\pgpdes~1\PGPwde.exe --Status>C:\status.txt"
    ' // wshshell.Run Decrypt,1,True
    ' // wshshell.Run Status,1,True
    ' <><><><><><>
    ' This is script # 2
    ' Place both scripts under the Refresh Scenario as the first group
    ' condition to run can be a status file or the existence of PGP folder.
    ' REFRESH ONLY
    '   Decryption Group
    '     Script #1
    '     Script #2
    ' First Version Shrek 46
    ' Date: 3/31/2013
    ' Credits: http://who10.hubpages.com/hub/Using-VBScript-To-Search-Inside-Files
    '
    ' *****************************************************************************
    Set wshShell = WScript.CreateObject ("WSCript.shell")
    Dim objFSO, strLine, objReadFile, strFound, strReboot, strStatus
    strFound = 0
    ' if we want to reboot once decryption is done.
    strReboot = "shutdown -r -t 60 -f "
    'Command Line to generate the decryption status
    strStatus = "CMD /c c:\progra~1\pgpcor~1\pgpdes~1\PGPwde.exe --Status>C:\status.txt"
    'Start working
    Do Until strFound > 0
        wshshell.Run strStatus,1,True
        Set objFSO = CreateObject("Scripting.FileSystemObject")
        'Read the status file
        Set objReadFile = objFSO.OpenTextFile("C:\status.txt", 1, False)
        'Reads until EOF.
        Do Until objReadFile.AtEndOfStream
            'Sets the line being read to a variable named strLine.
            strLine = objReadFile.ReadLine
            'Trims the strLine variable to remove any leading or trailing spaces.
            strLine = Trim(strLine)
            'Look for this line in Status.txt
            If InStr(strLine, "Disk 0 is not instrumented by bootguard.") Then
                strFound = 1
                ' If this file is a part of an SCCM Task sequence, leave both lines below commented
                ' The script will return control to SCCM.
                'WScript.quit()
                'wshshell.Run strReboot,1,True
            End If
        Loop
        'Close the status file so the next status run can overwrite it
        objReadFile.Close
        'for as long as the text we search is not found,
        WScript.echo strLine
        Set objFSO = Nothing
        ' Sleep for 10 minutes before writing the next status file (skipped once the text is found).
        If strFound = 0 Then WScript.Sleep 600000
    Loop
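
    The polling approach in post 3, as an added example that is not the poster's script: it reads the `--Status` output directly instead of going through C:\status.txt, and stops after a fixed number of checks so a decryption that never completes cannot hang the task sequence. The PGPwde path and the marker text are taken from the post; the 12-hour ceiling and the exit codes are assumptions.

```vbscript
Option Explicit
' Added example, not the poster's script. Path and marker text come from
' the post above; the ceiling and exit codes below are assumptions.
Const PGPWDE = "c:\progra~1\pgpcor~1\pgpdes~1\PGPwde.exe"
Const MARKER = "Disk 0 is not instrumented by bootguard."
Const POLL_MS = 600000      ' 10 minutes between checks, as in the post
Const MAX_POLLS = 72        ' assumed ceiling: 72 x 10 min = 12 hours
Const EXIT_DONE = 0         ' assumed: marker seen, decryption finished
Const EXIT_TIMEOUT = 1      ' assumed: marker never appeared

Dim wshShell, attempt
Set wshShell = CreateObject("WScript.Shell")

' Run "PGPwde --Status" and return everything it printed to stdout.
Function ReadStatus()
    Dim proc
    ReadStatus = ""
    Set proc = wshShell.Exec(PGPWDE & " --Status")
    ' AtEndOfStream blocks until output or EOF, so empty output is safe.
    If Not proc.StdOut.AtEndOfStream Then ReadStatus = proc.StdOut.ReadAll()
End Function

' True when any line of the status output contains the marker text.
Function IsDecrypted(statusText)
    Dim line
    IsDecrypted = False
    For Each line In Split(Replace(statusText, vbCr, ""), vbLf)
        If InStr(1, Trim(line), MARKER, vbTextCompare) > 0 Then
            IsDecrypted = True
            Exit Function
        End If
    Next
End Function

For attempt = 1 To MAX_POLLS
    If IsDecrypted(ReadStatus()) Then
        WScript.Echo "Decryption complete after " & attempt & " status check(s)."
        WScript.Quit EXIT_DONE
    End If
    WScript.Echo "Check " & attempt & " of " & MAX_POLLS & ": marker not seen yet."
    WScript.Sleep POLL_MS
Next

WScript.Echo "Gave up waiting for: " & MARKER
WScript.Quit EXIT_TIMEOUT
```

    Run it with cscript.exe so the WScript.Echo lines go to the console instead of message boxes; the two exit codes let the calling step tell completion from a timeout.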