Bitlocker status reporting in SCCM

I have SCCM 2007 installed in my network and I would like to use it to find out how many of my systems are encrypted using Bitlocker. I am aware that we need to do a bit of tweaking with reference to the link below:
http://fbinotto.blogspot.se/2013/01/sccm-reporting-bitlocker.html
Its pretty straightforward and looks simple. But it gives a link to download a powershell script which needs to run on all the systems in order to enable SCCM to pull the status of bitlocker in them. This link is not working. Can anyone help in getting hold of this script or point me in the right direction to do this?

Thanks,
Bejesh
JYBejeshAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
bitlocker_status_v1.1.ps1

# Name             : Bitlocker_Status.ps1
# Purpose          : Create a WMI provider for Bitlocker to report Bitlocker Status to SCCM
#                   
# Date             : 19 oktober 2010
# Version          : Initial Release
# Author           : Daniel.Last@getronics.com
#=======================================================================================================
# Date             : 25 oktober 2010
# Change           : Created the ability to process script to check Bitlocker status for every persistent volume (removeable drives excluded) 
#                    Changed the way how to write the key protectors column to use "," as delimiter 
# Version          : 1.1
# Author           : Daniel.Last@getronics.com 

# Create Hash Table
$Arguments = @{}

# Getting WMI Objects
$Bitstatus = @(Get-WmiObject win32_EncryptableVolume -Namespace root\cimv2\Security\MicrosoftVolumeEncryption -ErrorAction SilentlyContinue) #| where-object {$_.PersistentVolumeID -ne ""})

# Check if Bitstatus is $null
If ($Bitstatus -eq $null) {
# Bitlocker is Disabled
$Arguments.Add("Bitlocker_Status" , "Disabled")

# Create DHS_Bitlocker WMI Class
Remove-WmiObject DHS_Bitlocker -ErrorAction SilentlyContinue
$newWMIObject = New-Object System.Management.ManagementClass
$newWMIObject.Name = "DHS_Bitlocker"
$newWMIObject.Properties.add("Bitlocker_Status", "")
$newWMIObject.Properties.item("Bitlocker_Status").Qualifiers.Add("Key", $true)
$newWMIObject.Put()

# Write Bitlocker Status into the WMI DHS_Bitlocker Repository
Set-WmiInstance -Class DHS_Bitlocker -Argument $Arguments
}
else {
# Create DHS_Bitlocker WMI Class
Remove-WmiObject DHS_Bitlocker -ErrorAction SilentlyContinue
$newWMIObject = New-Object System.Management.ManagementClass
$newWMIObject.Name = "DHS_Bitlocker"
$newWMIObject.Properties.add("Drive", "")
$newWMIObject.Properties.add("Bitlocker_Status", "")
$newWMIObject.Properties.add("DriveLabel", "")
$newWMIObject.Properties.add("Size", "")
$newWMIObject.Properties.add("BitLocker_Version", "")
$newWMIObject.Properties.add("Conversion_Status", "")
$newWMIObject.Properties.add("Percentage_Encrypted", "")
$newWMIObject.Properties.add("Encryption_Method", "")
$newWMIObject.Properties.add("Protection_Status", "")
$newWMIObject.Properties.add("Lock_Status", "")
$newWMIObject.Properties.add("Identification_Field", "")
$newWMIObject.Properties.add("Key_Protectors", "")
$newWMIObject.Properties.add("ScriptLastRan", "")
$newWMIObject.Properties.item("Drive").Qualifiers.Add("Key", $true)
$newWMIObject.Put()

# For each drive in Bitdrive process drive(s)
Foreach ($Bitdrive in $Bitstatus) {
	$Drive = $Bitdrive.DriveLetter

	$Volume = Get-WmiObject Win32_Volume | where-object {$_.Driveletter -eq $Drive}

	# Capture status values in Hash Table which don't require name translation
	$Arguments.Add("Drive" , $Drive)
	$Arguments.Add("DriveLabel" , $Volume.Label)
	$Arguments.Add("ScriptLastRan" , (Date))
	$Arguments.Add("Percentage_Encrypted" , ($Bitdrive.GetConversionStatus()).EncryptionPercentage)

	# Proccessing status values for translation
	$Version = ($Bitdrive.GetVersion()).Version
	$ConversionStatus = ($Bitdrive.GetConversionStatus()).ConversionStatus
	$EncryptionMethod = ($Bitdrive.GetEncryptionMethod()).EncryptionMethod
	$ProtectionStatus = ($Bitdrive.GetProtectionStatus()).ProtectionStatus
	$LockStatus = ($Bitdrive.GetLockStatus()).LockStatus
	$IdentificationField = ($Bitdrive.GetIdentificationField()).IdentificationField

	for($i=1; $i -le 8; $i++) {
	    $VolumeKeyProtectorID = ($Bitdrive.GetKeyProtectors($i)).VolumeKeyProtectorID
	        If ($VolumeKeyProtectorID -ne $Null) {
	            Switch ($i) {
	                1 {$KeyProtectorIDTypes = "Trusted Platform Module (TPM)"}
	                2 {$KeyProtectorIDTypes += ",External key"}
	                3 {$KeyProtectorIDTypes += ",Numeric password"}
	                4 {$KeyProtectorIDTypes += ",TPM And PIN"}
	                5 {$KeyProtectorIDTypes += ",TPM And Startup Key"}
	                6 {$KeyProtectorIDTypes += ",TPM And PIN And Startup Key"}
	                7 {$KeyProtectorIDTypes += ",Public Key"}
	                8 {$KeyProtectorIDTypes += ",Passphrase"}
					Default {$KeyProtectorIDTypes = "None"}
	            } 
	        }
	}
	$Arguments.Add("Key_Protectors" , $KeyProtectorIDTypes)

	# Translating integer values into logical names
	$Size = "{0:N2}" -f ($Volume.Capacity / 1GB) + " GB"
	$Arguments.Add("Size" , $Size)

	Switch ($Version) {
	     0 {$Arguments.Add("BitLocker_Version" , "UNKNOWN")}
	     1 {$Arguments.Add("BitLocker_Version" , "VISTA")}
	     2 {$Arguments.Add("BitLocker_Version" , "Windows 7")}
	     }     

	Switch ($ConversionStatus) {
	     0 {$Arguments.Add("Conversion_Status" , "FULLY DECRYPTED")}
	     1 {$Arguments.Add("Conversion_Status" , "FULLY ENCRYPTED")}
	     2 {$Arguments.Add("Conversion_Status" , "ENCRYPTION IN PROGRESS")}
	     3 {$Arguments.Add("Conversion_Status" , "DECRYPTION IN PROGRESS")}
	     4 {$Arguments.Add("Conversion_Status" , "ENCRYPTION PAUSED")}
	     5 {$Arguments.Add("Conversion_Status" , "DECRYPTION PAUSED")}
	     }

	Switch ($EncryptionMethod) {
	    -1 {$Arguments.Add("Encryption_Method" , "The volume has been fully or partially encrypted with an unknown algorithm and key size.")}
	     0 {$Arguments.Add("Encryption_Method" , "The volume is not encrypted.")}
	     1 {$Arguments.Add("Encryption_Method" , "AES 128 WITH DIFFUSER")}
	     2 {$Arguments.Add("Encryption_Method" , "AES 256 WITH DIFFUSER")} 
	     3 {$Arguments.Add("Encryption_Method" , "AES 128")}
	     4 {$Arguments.Add("Encryption_Method" , "AES 256")}
	     }

	Switch ($ProtectionStatus) {
	     0 {$Arguments.Add("Protection_Status" , "PROTECTION OFF")}
	     1 {$Arguments.Add("Protection_Status" , "PROTECTION ON")}
	     2 {$Arguments.Add("Protection_Status" , "PROTECTION UNKNOWN")}
	     }
     
	Switch ($LockStatus) {
    	 0 {$Arguments.Add("Lock_Status" , "UNLOCKED")}
    	 1 {$Arguments.Add("Lock_Status" , "LOCKED")}
    	 }
		 
	# Check if Identificationfield is $null
	If ($IdentificationField -eq $null) {$Arguments.Add("Identification_Field" , "None")} else {$Arguments.Add("Identification_Field" , $IdentificationField)}

	# Check if Bitlocker status is Enabled
	If ($Bitdrive.GetConversionStatus().EncryptionPercentage -eq 100) {$Arguments.Add("Bitlocker_Status" , "Enabled")} else {$Arguments.Add("Bitlocker_Status" , "Disabled")}

	# Write Bitlocker Status into the WMI DHS_Bitlocker Repository
	Set-WmiInstance -Class DHS_Bitlocker -Argument $Arguments

	# Clear Hash table
	$Arguments.Clear()

	} # End foreach Bitdrive
} # End Check if Bitstatus is $null

Open in new window

http://www.myitforum.com/forums/m229866-print.aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JYBejeshAuthor Commented:
Thanks a lot! exactly what I needed!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption

From novice to tech pro — start learning today.