VBScript Help for Backing up Lost BitLocker Keys to AD

Our laptops were deleted from AD, and after rejoining them to the domain, the BitLocker recovery keys weren't restored to AD. We don't use MBAM or MDOP. I have a VBScript to run at logon; however, it won't run under the user account.

The script executes successfully under a local admin account, and I can push it out through a logon script or using KACE to our laptops; however, it doesn't run under the user account, even elevated.

What can I do to get this script to run as a local admin or under a domain account with admin privileges?  

I tried adding the RunAs vbscripting but it caused the main script to fail:

Set WshShell = WScript.CreateObject("WScript.Shell")
If WScript.Arguments.length = 0 Then
    Set ObjShell = CreateObject("Shell.Application")
    ObjShell.ShellExecute "wscript.exe", """" & _
        WScript.ScriptFullName & """" & _
        " RunAsAdministrator", , "runas", 1
End If

The BitLocker recovery script is below:

Option Explicit

Dim strManageBDE, strManageBDE2
Dim oShell
Dim Result, TPM, strLine
Dim Flag, NumericalKeyID

Set oShell = CreateObject("WScript.Shell")

'====================================================================================
' This section looks for the BitLocker Key Numerical ID

strManageBDE = "Manage-BDE.exe -protectors -get c:" ' BitLocker command to gather the ID

Flag = False
NumericalKeyID = ""

Set Result = oShell.Exec(strManageBDE) ' Runs the command and places the results in Result

Set TPM = Result.StdOut ' Sets the variable TPM to the output of the strManageBDE command

While Not TPM.AtEndOfStream
    strLine = TPM.ReadLine ' Sets strLine to the next line of output
    If InStr(strLine, "Numerical Password:") Then
        ' Found the Numerical Password section
        Flag = True
    End If
    If Flag = True Then
        If InStr(strLine, "ID:") Then ' This section looks for the ID
            NumericalKeyID = Trim(strLine) ' Trims the empty spaces from the "ID: {...}" line
            NumericalKeyID = Right(NumericalKeyID, Len(NumericalKeyID) - 4) ' Drops the leading "ID: "
            Flag = False ' Stops the other lines from being collected
        End If
    End If
Wend

' Without a numerical password protector there is nothing to back up
If NumericalKeyID = "" Then WScript.Quit 1

strManageBDE2 = "Manage-BDE.exe -protectors -adbackup C: -ID " & NumericalKeyID
oShell.Run strManageBDE2, 0, True ' Runs the Manage-bde command to back up the numerical ID to AD
Asked by: Rick Crandon, Desktop Engineer, Ameriprise
McKnife Commented:
Deploy it as a startup script; that runs with system rights, no elevation needed.
2
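
A startup-script form of the backup suggested in the answer above, as an added example (not code from the original post or from any participant). It needs no RunAs block, backs up every numerical password protector instead of one, accepts an ID only if it is a well-formed GUID before placing it on a command line, and logs the outcome to the Application event log. The `DRIVE` constant, the function name and treating a non-zero exit code as failure are assumptions.

```vbscript
Option Explicit
' Added example: intended to be deployed as a computer startup script (runs as SYSTEM).
Const DRIVE = "C:"                  ' assumption: OS volume is C:, as in the original script
Const EVT_ERROR = 1, EVT_INFO = 4   ' WshShell.LogEvent type codes
Dim oShell, proc, ids, id, rc, failed
Set oShell = CreateObject("WScript.Shell")

' Returns every "{GUID}" found on the ID line that follows a "Numerical Password:" header.
Function GetNumericalPasswordIDs(outputText)
    Dim re, m, textLine, inSection, found
    Set found = CreateObject("Scripting.Dictionary")
    Set re = New RegExp
    re.IgnoreCase = True
    re.Pattern = "^\s*ID:\s*(\{[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}\})\s*$"
    inSection = False
    For Each textLine In Split(Replace(outputText, vbCr, ""), vbLf)
        If InStr(textLine, "Numerical Password:") > 0 Then
            inSection = True
        ElseIf inSection And re.Test(textLine) Then
            Set m = re.Execute(textLine)
            found(m(0).SubMatches(0)) = True   ' only a strict GUID ever reaches the command line
            inSection = False
        End If
    Next
    GetNumericalPasswordIDs = found.Keys
End Function

Set proc = oShell.Exec("Manage-BDE.exe -protectors -get " & DRIVE)
ids = GetNumericalPasswordIDs(proc.StdOut.ReadAll)
If UBound(ids) < 0 Then
    oShell.LogEvent EVT_ERROR, "BitLocker AD backup: no numerical password protector on " & DRIVE
    WScript.Quit 1
End If

failed = 0
For Each id In ids
    ' Assumption: Manage-BDE reports failure through a non-zero exit code.
    rc = oShell.Run("Manage-BDE.exe -protectors -adbackup " & DRIVE & " -ID " & id, 0, True)
    If rc <> 0 Then
        failed = failed + 1
        oShell.LogEvent EVT_ERROR, "BitLocker AD backup failed for " & id & " (exit code " & rc & ")"
    Else
        oShell.LogEvent EVT_INFO, "BitLocker AD backup succeeded for " & id
    End If
Next
WScript.Quit failed
```

Because the script runs as Local System, keep it in a location that standard users cannot modify. Only the protector ID is logged, never the recovery password itself.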

Question has a verified solution.