• Status: Solved
  • Priority: High
  • Security: Public
  • Views: 51
  • Last Modified:

Need Powershell Help

I need help performing the WMI Query on all computers in the OU as seen below,  All data returned, must be saved.   Thanks   I am not a  powershell guru so please take your time to help.
Import-Module -Name ActiveDirectory
Get-ADComputer -filter * -SearchBase "OU=Center Manager,OU=Clinical Desktops,OU=Computer Accounts,DC=ppct,DC=world"
$computer = $_

Foreach-Object {

 Get-WmiObject -ComputerName $computer -Namespace "root/CIMV2/Security/MicrosoftVolumeEncryption" -Query "SELECT * FROM Win32_EncryptableVolume" | Where-Object {$_.ProtectionStatus -eq '1'}

 Select-Object ProtectionStatus
 } | 

Format-Table -Property * -AutoSize

Open in new window

1
stressedout2004
Asked:
stressedout2004
  • 6
  • 5
  • 4
  • +1
1 Solution
 
oBdACommented:
This will write the results (including errors) to a csv file, and display the results.
Import-Module -Name ActiveDirectory
$resultFile = 'C:\Temp\ProtectionStatus.csv'
$computerList = Get-ADComputer -filter * -SearchBase "OU=Center Manager,OU=Clinical Desktops,OU=Computer Accounts,DC=ppct,DC=world"

$computerList | Foreach-Object {
	$computerName = $_
	"Processing $($computerName) ..." | Write-Host -ForegroundColor White -NoNewline
	Try {
		Get-WmiObject -ComputerName $computerName -Namespace "root\CIMV2\Security\MicrosoftVolumeEncryption" -Query "SELECT DriveLetter, ProtectionStatus FROM Win32_EncryptableVolume" -ErrorAction Stop |
			Select-Object -Property @{n='ComputerName'; e={$computerName}}, DriveLetter, ProtectionStatus, Error
		" OK" | Write-Host -ForegroundColor Green
	} Catch {
		$_ | Select-Object -Property @{n='ComputerName'; e={$computerName}}, DriveLetter, ProtectionStatus, @{n='Error'; e={$_.Exception.Message}}
		" ERROR" | Write-Host -ForegroundColor Red
	}
} | Export-Csv -NoTypeInformation -Path $resultFile
"Results written to '$($resultFile)'" | Write-Host -ForegroundColor White
Import-Csv -Path $resultFile | Out-GridView

Open in new window

1
 
Senior IT System EngineerIT ProfessionalCommented:
The script looks good, however, when I execute it, I got these error:

RPC Error ?
note, all of the Laptops are online when I doublecheck on the list.
0
 
oBdACommented:
Well, the error message doesn't lie. Probably the firewall, or remote management is disabled.
You can replace/comment out line 3, and use $computerList = '.' to run it against the local computer.
1
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
FOXActive Directory/Exchange EngineerCommented:
Obda,
Try using the Invoke-Command in your script against the list of computers.  The remote management may be disabled like you said
1
 
Senior IT System EngineerIT ProfessionalCommented:
Fox,
so if the script is executed using Invoke-Command, it will work despite the remote management is disabled?

Obda, the result after changing:
$computerList = "localhost"
$computerList = "."


is
Localhost.JPG
is that expected ?
0
 
stressedout2004Author Commented:
The script is working, looking to test this now which is relative to the RPC error.
https://www.infrasightlabs.com/setting-wmi-access-ad-gpo
2
 
oBdACommented:
Senior IT System Engineer,
that would be expected if you have a single volume C: and it's not Bitlocker encrypted.
1
 
Senior IT System EngineerIT ProfessionalCommented:
Nice, so yes the code works when it is executed under Run As Administrator.
1
 
stressedout2004Author Commented:
I believe that I need the script to include a FQDN for each computer name .   My server is in another site and its using the NetBIOS name which could be why the RPC error is occurring.  Any way to have it include FQDN foo.local
0
 
stressedout2004Author Commented:
I can also execute this command from the space server where I'm executing the above script from without any problems.

Get-WmiObject win32_SystemEnclosure -Computer d3570-3049.ppct.world
0
 
oBdACommented:
Sorry, my bad after all; a Select-Object went AWOL when posting ...
Import-Module -Name ActiveDirectory
$resultFile = 'C:\Temp\ProtectionStatus.csv'
$computerList = Get-ADComputer -filter * -SearchBase "OU=Center Manager,OU=Clinical Desktops,OU=Computer Accounts,DC=ppct,DC=world" |
	Select-Object -ExpandProperty DNSHostName

$computerList | Foreach-Object {
	$computerName = $_
	"Processing $($computerName) ..." | Write-Host -ForegroundColor White -NoNewline
	Try {
		Get-WmiObject -ComputerName $computerName -Namespace "root\CIMV2\Security\MicrosoftVolumeEncryption" -Query "SELECT DriveLetter, ProtectionStatus FROM Win32_EncryptableVolume" -ErrorAction Stop |
			Select-Object -Property @{n='ComputerName'; e={$computerName}}, DriveLetter, ProtectionStatus, Error
		" OK" | Write-Host -ForegroundColor Green
	} Catch {
		$_ | Select-Object -Property @{n='ComputerName'; e={$computerName}}, DriveLetter, ProtectionStatus, @{n='Error'; e={$_.Exception.Message}}
		" ERROR" | Write-Host -ForegroundColor Red
	}
} | Export-Csv -NoTypeInformation -Path $resultFile
"Results written to '$($resultFile)'" | Write-Host -ForegroundColor White
Import-Csv -Path $resultFile | Out-GridView

Open in new window

1
 
stressedout2004Author Commented:
Can the script be modified to allow the domain ppct.world when it loops through the computer names?
1
 
stressedout2004Author Commented:
I need some modifications please .

I need to append the domain ppct.world to $computerName

The WMI query must be this query
Get-WmiObject -ComputerName $computerName Namespace "root/CIMV2/Security/MicrosoftVolumeEncryption" -Query "SELECT * FROM Win32_EncryptableVolume" | Where-Object {$_.ProtectionStatus -eq '1'}

vs this query.

Get-WmiObject -ComputerName $computerName -Namespace "root\CIMV2\Security\MicrosoftVolumeEncryption" -Query "SELECT DriveLetter, ProtectionStatus FROM Win32_EncryptableVolume"

I need all of these fields populated

__GENUS                          : 2
__CLASS                          : Win32_EncryptableVolume
__SUPERCLASS                     :
__DYNASTY                        : Win32_EncryptableVolume
__RELPATH                        : Win32_EncryptableVolume.DeviceID="\\\\?\\Volume{Commented OUT}\\"
__PROPERTY_COUNT                 : 8
__DERIVATION                     : {}
__SERVER                         : TestSystem
__NAMESPACE                      : root\CIMV2\Security\MicrosoftVolumeEncryption
__PATH                           : \\TestSystem\root\CIMV2\Security\MicrosoftVolumeEncryption:Win32_EncryptableVolume.DeviceID=
                                   "\\\\?\\Volume{Commented OUT}\\"
ConversionStatus                 : 1
DeviceID                         : \\?\Volume{Commented OUT}\
DriveLetter                      : C:
EncryptionMethod                 : 6
IsVolumeInitializedForProtection : True
PersistentVolumeID               : {Commented OUT}
ProtectionStatus                 : 1
VolumeType                       : 0
PSComputerName                   : TestSystem
0
 
oBdACommented:
The latest version is already using the FQDN as retrieved from AD, so there's no need to add it explicitly.
The properties starting with "__" are specific to WMI; you could collect them, but I don't really see the point.
Import-Module -Name ActiveDirectory
$resultFile = 'C:\Temp\ProtectionStatus.csv'
$computerList = Get-ADComputer -filter * -SearchBase "OU=Center Manager,OU=Clinical Desktops,OU=Computer Accounts,DC=ppct,DC=world" |
	Select-Object -ExpandProperty DNSHostName

$properties = 'ConversionStatus', 'DeviceID', 'DriveLetter', 'EncryptionMethod', 'IsVolumeInitializedForProtection', 'PersistentVolumeID', 'ProtectionStatus', 'VolumeType'
$computerList | Foreach-Object {
	$computerName = $_
	"Processing $($computerName) ..." | Write-Host -ForegroundColor White -NoNewline
	$(Try {
		Get-WmiObject -ComputerName $computerName -Namespace "root\CIMV2\Security\MicrosoftVolumeEncryption" -Query "SELECT * FROM Win32_EncryptableVolume" -ErrorAction Stop
		" OK" | Write-Host -ForegroundColor Green
	} Catch {
		$_ | Select-Object -Property @{n='Error'; e={$_.Exception.Message}}
		" ERROR" | Write-Host -ForegroundColor Red
	}) | Select-Object -Property (@(@{n='ComputerName'; e={$computerName}}) + $properties + 'Error')
} | Sort-Object -Property ComputerName, DriveLetter | Export-Csv -NoTypeInformation -Path $resultFile
"Results written to '$($resultFile)'" | Write-Host -ForegroundColor White
Import-Csv -Path $resultFile | Out-GridView

Open in new window

1
 
stressedout2004Author Commented:
0
 
Senior IT System EngineerIT ProfessionalCommented:
OBDA code works perfectly fine, thanks for sharing it here man:

Import-Module -Name ActiveDirectory
$resultFile = 'C:\Temp\ProtectionStatus.csv'
$computerList = Get-ADComputer -filter * -SearchBase "OU=Center Manager,OU=Clinical Desktops,OU=Computer Accounts,DC=ppct,DC=world" |
	Select-Object -ExpandProperty DNSHostName

$properties = 'ConversionStatus', 'DeviceID', 'DriveLetter', 'EncryptionMethod', 'IsVolumeInitializedForProtection', 'PersistentVolumeID', 'ProtectionStatus', 'VolumeType'
$computerList | Foreach-Object {
	$computerName = $_
	"Processing $($computerName) ..." | Write-Host -ForegroundColor White -NoNewline
	$(Try {
		Get-WmiObject -ComputerName $computerName -Namespace "root\CIMV2\Security\MicrosoftVolumeEncryption" -Query "SELECT * FROM Win32_EncryptableVolume" -ErrorAction Stop
		" OK" | Write-Host -ForegroundColor Green
	} Catch {
		$_ | Select-Object -Property @{n='Error'; e={$_.Exception.Message}}
		" ERROR" | Write-Host -ForegroundColor Red
	}) | Select-Object -Property (@(@{n='ComputerName'; e={$computerName}}) + $properties + 'Error')
} | Sort-Object -Property ComputerName, DriveLetter | Export-Csv -NoTypeInformation -Path $resultFile
"Results written to '$($resultFile)'" | Write-Host -ForegroundColor White
Import-Csv -Path $resultFile | Out-GridView

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 6
  • 5
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now