Avatar of H D
H D

asked on 

push WMI privilege using GPO

I'm using manage-bde.exe to allow some power user to encrypt their USB Stick.
I have a DC (Windows Server 2012 R2) with 100 hunder windows 10 pro laptpos.
The users don't have admin privlege on their machines.
I found that changing  WMI privilege manually  (ROOT>CIMV2>Security>MicrofostVolumeEncryption) and adding manually the specif account and giving him  "execute method" privilege allow the user to run the encryption without possessing admin rights.

I'm trying to create a script that I'm going to push via GPO to apply the needed changes.
I tried using this method  without success.
I can dump the privlege. Applying them give no errors but no changes are done.
Both operations are done with local admin account.
Thanks.
Encryption* WMICWindows Server 2012Active DirectoryScripting Languages

Avatar of undefined
Last Comment
McKnife

8/22/2022 - Mon