Solved

Use vbs to check WMI and write registry key

Posted on 2011-03-02
4
2,926 Views
Last Modified: 2012-06-27
I created a script to check if BitLocker was enabled on a machine. The script works well if BitLocker is enabled. The registry key is created. The problem is that no registry key is created if BitLocker is not enabled.

I thought that the below would take care of any machine that does not have BitLocker enabled. Instead, no error appears but the registry key with a value of false is not created.

 Else
      Call BitLocker_Off

If I query WMI directly using wbemtest on a machine without BitLocker enabled, Select * from Win32_EncryptableVolume, it does not pull up any information.

Can anyone point me in the right direction?
strComputer = "."

Set SWBemlocator = CreateObject("WbemScripting.SWbemLocator")

Set BitLocker = SWBemlocator.ConnectServer(strComputer,"root\CIMV2\security\microsoftvolumeencryption")
Set BitLockerItems = BitLocker.ExecQuery("Select * from Win32_EncryptableVolume",,48)
	For Each BitLockerItem in BitLockerItems
		If BitLockerItem.DriveLetter = "C:" And BitLockerItem.ProtectionStatus = 1  Then		
			Call BitLocker_On
		Else
			Call BitLocker_Off
		End If
	Next
	
		
Sub BitLocker_On

		strComputer = "."
		Const HKEY_LOCAL_MACHINE = &H80000002
		
		Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
		strComputer & "\root\default:StdRegProv")
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp = "BitLocker Enabled"
		strAppValue = "True"
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp1 = "Script Last Run"
		strAppValue1 = Date & " - " & Time
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
	
End Sub

Sub BitLocker_Off

		strComputer = "."
		Const HKEY_LOCAL_MACHINE = &H80000002		

		Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
		strComputer & "\root\default:StdRegProv")
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp = "BitLocker Enabled"
		strAppValue = "False"
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp1 = "Script Last Run"
		strAppValue1 = Date & " - " & Time
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
	
End Sub

Open in new window

0
Comment
Question by:Lorrec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 

Author Comment

by:Lorrec
ID: 35018922
I believe my problem is that the wmi query (Select * from Win32_EncryptableVolume) does not produce any results since the drive is not encrypted.

Is it possible to call BitLocker_Off if the query does produce any results?
0
 
LVL 12

Accepted Solution

by:
prashanthd earned 500 total points
ID: 35020197
Hi,

Please try the following

strComputer = "."
result_status=False

Set SWBemlocator = CreateObject("WbemScripting.SWbemLocator")

Set BitLocker = SWBemlocator.ConnectServer(strComputer,"root\CIMV2\security\microsoftvolumeencryption")
Set BitLockerItems = BitLocker.ExecQuery("Select * from Win32_EncryptableVolume",,48)
      For Each BitLockerItem in BitLockerItems
            result_status=True            
            If BitLockerItem.DriveLetter = "C:" And BitLockerItem.ProtectionStatus = 1  Then            
                  Call BitLocker_On
            Else
                  Call BitLocker_Off
            End If
      Next
      
      If result_status=false Then
            Call BitLocker_Off
      End if
            
Sub BitLocker_On

            strComputer = "."
            Const HKEY_LOCAL_MACHINE = &H80000002
            
            Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
            strComputer & "\root\default:StdRegProv")
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp = "BitLocker Enabled"
            strAppValue = "True"
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp1 = "Script Last Run"
            strAppValue1 = Date & " - " & Time
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
      
End Sub

Sub BitLocker_Off

            strComputer = "."
            Const HKEY_LOCAL_MACHINE = &H80000002            

            Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
            strComputer & "\root\default:StdRegProv")
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp = "BitLocker Enabled"
            strAppValue = "False"
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp1 = "Script Last Run"
            strAppValue1 = Date & " - " & Time
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
      
End Sub
0
 

Author Comment

by:Lorrec
ID: 35021181
Thank you. That worked perfectly.
0
 

Author Closing Comment

by:Lorrec
ID: 35021186
Thank you again.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome back!  My apologies for taking so long to write part two of this series; it's been a long time coming!  As I promised in Part 1, this article will focus on how to locate those elusive AD properties that you are searching for.  Why is this us…
With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question