Hi All,<\/p>\n

Advertisement

Close

Need some assistance, have a requirement for a SW report that will do the following<\/p>\n

\n
1. Detect if machine has bitlocker enabled or not<\/li>\n
2. Detect if machine has built in TPM chip (regardless if enabled or disabled in bios)<\/li>\n<\/ol>\n
   

   Advertisement

   Close

   and report the following<\/p>\n

   Bitlocker enabled and ok
   \nBitlocker capable but not enabled
   \nTPM available but disabled in bios
   \nNo TPM<\/p>\n

   many thanks<\/p>","upvoteCount":3,"answerCount":3,"datePublished":"2018-01-09T13:38:37.000Z","author":{"@type":"Person","name":"angus","url":"https://community.spiceworks.com/u/angus"},"suggestedAnswer":[{"@type":"Answer","text":"

   Hi All,<\/p>\n

   Need some assistance, have a requirement for a SW report that will do the following<\/p>\n

   \n
   1. Detect if machine has bitlocker enabled or not<\/li>\n
   2. Detect if machine has built in TPM chip (regardless if enabled or disabled in bios)<\/li>\n<\/ol>\n

      and report the following<\/p>\n

      Bitlocker enabled and ok
      \nBitlocker capable but not enabled
      \nTPM available but disabled in bios
      \nNo TPM<\/p>\n

      many thanks<\/p>","upvoteCount":3,"datePublished":"2018-01-09T13:38:37.000Z","url":"https://community.spiceworks.com/t/tpm-bitlocker-report/627574/1","author":{"@type":"Person","name":"angus","url":"https://community.spiceworks.com/u/angus"}},{"@type":"Answer","text":"

      I haven’t looked into this before, but I did have a powershell script that we ran for inventory that would grab the bitlocker status via WMI. Pretty sure I copied it from some other website when I put it together. This is the relevant part that you would need to check bitlocker status.<\/p>\n

      $ProtectionState = Get-WmiObject -ComputerName $computer.Name -Namespace ROOT\\CIMV2\\Security\\Microsoftvolumeencryption -Class Win32_encryptablevolume -Filter “DriveLetter = ‘c:’” -ErrorAction Stop -Authentication PacketPrivacy<\/p>\n

      switch ($ProtectionState.GetProtectionStatus().protectionStatus)
      \n{
      \n(“0”){$protectans = “Unprotected”}
      \n(“1”){$protectans = “Protected”}
      \n(“2”){$protectans = “Unknown”}
      \ndefault {$protectans = “NoReturn”}
      \n}<\/p>","upvoteCount":2,"datePublished":"2018-01-09T17:07:52.000Z","url":"https://community.spiceworks.com/t/tpm-bitlocker-report/627574/2","author":{"@type":"Person","name":"peterblosser","url":"https://community.spiceworks.com/u/peterblosser"}},{"@type":"Answer","text":"

      Get-WmiObject -class Win32_Tpm -namespace root\\CIMV2\\Security\\MicrosoftTpm -Authentication PacketPrivacy\n<\/code><\/pre>\n
      This will give you information about TPM.<\/p>","upvoteCount":1,"datePublished":"2018-01-16T08:14:01.000Z","url":"https://community.spiceworks.com/t/tpm-bitlocker-report/627574/3","author":{"@type":"Person","name":"tomaszczyz","url":"https://community.spiceworks.com/u/tomaszczyz"}}]}}