Solved

Use vbs to check WMI and write registry key

Posted on 2011-03-02
4
2,831 Views
Last Modified: 2012-06-27
I created a script to check if BitLocker was enabled on a machine. The script works well if BitLocker is enabled. The registry key is created. The problem is that no registry key is created if BitLocker is not enabled.

I thought that the below would take care of any machine that does not have BitLocker enabled. Instead, no error appears but the registry key with a value of false is not created.

 Else
      Call BitLocker_Off

If I query WMI directly using wbemtest on a machine without BitLocker enabled, Select * from Win32_EncryptableVolume, it does not pull up any information.

Can anyone point me in the right direction?
strComputer = "."

Set SWBemlocator = CreateObject("WbemScripting.SWbemLocator")

Set BitLocker = SWBemlocator.ConnectServer(strComputer,"root\CIMV2\security\microsoftvolumeencryption")
Set BitLockerItems = BitLocker.ExecQuery("Select * from Win32_EncryptableVolume",,48)
	For Each BitLockerItem in BitLockerItems
		If BitLockerItem.DriveLetter = "C:" And BitLockerItem.ProtectionStatus = 1  Then		
			Call BitLocker_On
		Else
			Call BitLocker_Off
		End If
	Next
	
		
Sub BitLocker_On

		strComputer = "."
		Const HKEY_LOCAL_MACHINE = &H80000002
		
		Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
		strComputer & "\root\default:StdRegProv")
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp = "BitLocker Enabled"
		strAppValue = "True"
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp1 = "Script Last Run"
		strAppValue1 = Date & " - " & Time
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
	
End Sub

Sub BitLocker_Off

		strComputer = "."
		Const HKEY_LOCAL_MACHINE = &H80000002		

		Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
		strComputer & "\root\default:StdRegProv")
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp = "BitLocker Enabled"
		strAppValue = "False"
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
		
		strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
		strApp1 = "Script Last Run"
		strAppValue1 = Date & " - " & Time
		
		oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
	
End Sub

Open in new window

0
Comment
Question by:Lorrec
  • 3
4 Comments
 

Author Comment

by:Lorrec
ID: 35018922
I believe my problem is that the wmi query (Select * from Win32_EncryptableVolume) does not produce any results since the drive is not encrypted.

Is it possible to call BitLocker_Off if the query does produce any results?
0
 
LVL 12

Accepted Solution

by:
prashanthd earned 500 total points
ID: 35020197
Hi,

Please try the following

strComputer = "."
result_status=False

Set SWBemlocator = CreateObject("WbemScripting.SWbemLocator")

Set BitLocker = SWBemlocator.ConnectServer(strComputer,"root\CIMV2\security\microsoftvolumeencryption")
Set BitLockerItems = BitLocker.ExecQuery("Select * from Win32_EncryptableVolume",,48)
      For Each BitLockerItem in BitLockerItems
            result_status=True            
            If BitLockerItem.DriveLetter = "C:" And BitLockerItem.ProtectionStatus = 1  Then            
                  Call BitLocker_On
            Else
                  Call BitLocker_Off
            End If
      Next
      
      If result_status=false Then
            Call BitLocker_Off
      End if
            
Sub BitLocker_On

            strComputer = "."
            Const HKEY_LOCAL_MACHINE = &H80000002
            
            Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
            strComputer & "\root\default:StdRegProv")
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp = "BitLocker Enabled"
            strAppValue = "True"
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp1 = "Script Last Run"
            strAppValue1 = Date & " - " & Time
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
      
End Sub

Sub BitLocker_Off

            strComputer = "."
            Const HKEY_LOCAL_MACHINE = &H80000002            

            Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
            strComputer & "\root\default:StdRegProv")
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp = "BitLocker Enabled"
            strAppValue = "False"
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp,strAppValue
            
            strKeyPath = "SOFTWARE\Clariant\CCP\BitLocker"
            strApp1 = "Script Last Run"
            strAppValue1 = Date & " - " & Time
            
            oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strApp1,strAppValue1
      
End Sub
0
 

Author Comment

by:Lorrec
ID: 35021181
Thank you. That worked perfectly.
0
 

Author Closing Comment

by:Lorrec
ID: 35021186
Thank you again.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem to skip loop 6 55
how to add columns to script to read the file. 25 45
Scraping specific data within an XML document 19 54
Running VB/Batch script through Group policy 30 78
In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Edureka is one of the fastest growing and most effective online learning sites.  We are here to help you succeed.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now