Get Bitlocker Keys

This one has been really handy.

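```powershell
# Enumerate BitLocker volumes and report each recovery password
$BitlockerVolumes = Get-BitLockerVolume
$BitlockerVolumes |
    ForEach-Object {
        $MountPoint = $_.MountPoint
        # RecoveryPassword values of this volume's key protectors, as one string
        $RecoveryKey = [string]($_.KeyProtector).RecoveryPassword
        if ($RecoveryKey.Length -gt 5) {
            # Quoted so PowerShell emits the line as literal text
            Write-Output "ServerUtilsSetMachineProperty(@ThisMachine(),BitLocker,$RecoveryKey)"
        }
    }
```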

Hi All

Hope these changes help:

```powershell
# Get all BitLocker volumes
$bitLockerVolumes = Get-BitLockerVolume

foreach ($vol in $bitLockerVolumes) {
    # MountPoint can be an array on some configurations
    $mountPoint = if ($vol.MountPoint -is [System.Array]) {
        $vol.MountPoint -join ','
    } else {
        $vol.MountPoint
    }

    # Extract Recovery Password protector(s)
    $recoveryKeys = $vol.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } |
        Select-Object -ExpandProperty RecoveryPassword -ErrorAction SilentlyContinue

    if (-not $recoveryKeys) { continue }

    foreach ($recoveryKey in $recoveryKeys) {
        if ([string]::IsNullOrWhiteSpace($recoveryKey)) { continue }
        if ($recoveryKey.Length -le 5) { continue }

        # >>> Call your function here (adjust parameter names as required) <<<
        # Adds label, then drive and key, into the properties of the machine
        # (quoted so PowerShell emits the line as literal text)
        Write-Output "ServerUtilsSetMachineProperty(@ThisMachine(),BitLocker Key $mountPoint,$recoveryKey)"
    }
}
```


Out of curiosity, do you fire this off manually or do you have some sort of schedule? I’ve not been able to figure out how to schedule tools in SH yet but this would be one I would love to have automated.

Sorry for the late reply

We fire it manually - I need to add extra checks, some cleaner error handling.

If the machine has BitLocker installed, it grabs the keys without any issues.
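
One way to add the extra checks and error handling mentioned in the last reply, as an added example that is not code from any poster in this thread: it confirms the BitLocker cmdlets exist, stops cleanly if enumeration fails, and validates each recovery password against the standard BitLocker format (eight hyphen-separated groups of six digits, each a multiple of 11 below 720896) instead of a bare length test. `Test-RecoveryPassword` is a hypothetical helper name; the output line is copied from the scripts above.

```powershell
# Added example, not from the thread. Test-RecoveryPassword is a hypothetical helper.
function Test-RecoveryPassword {
    param([string]$Password)
    # Format: 8 groups of 6 digits separated by hyphens (48 digits total)
    if ($Password -notmatch '^\d{6}(-\d{6}){7}$') { return $false }
    foreach ($group in ($Password -split '-')) {
        $n = [int]$group
        # Each group is a multiple of 11 whose quotient fits in 16 bits
        if (($n % 11) -ne 0 -or $n -ge 720896) { return $false }
    }
    return $true
}

# Check 1: the BitLocker module may be absent (feature not installed)
if (-not (Get-Command -Name Get-BitLockerVolume -ErrorAction SilentlyContinue)) {
    Write-Error 'BitLocker cmdlets are not available on this machine.'
    exit 1
}

# Check 2: fail with a clear message (for example, when not run elevated)
try {
    $volumes = Get-BitLockerVolume -ErrorAction Stop
} catch {
    Write-Error "Get-BitLockerVolume failed: $($_.Exception.Message)"
    exit 1
}

foreach ($vol in $volumes) {
    $protectors = $vol.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }

    foreach ($p in $protectors) {
        # Check 3: skip truncated or malformed values, but say so
        if (-not (Test-RecoveryPassword -Password $p.RecoveryPassword)) {
            Write-Warning "Skipping malformed recovery password on $($vol.MountPoint) (protector $($p.KeyProtectorId))"
            continue
        }
        # Same output line as the scripts in the thread
        Write-Output "ServerUtilsSetMachineProperty(@ThisMachine(),BitLocker Key $($vol.MountPoint),$($p.RecoveryPassword))"
    }
}
```

Diagnostics go to the warning and error streams, so only the property lines reach standard output.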