Bitlocker Status Report

With Windows 7, creating a report in SCCM for all your computers is really simple. First you need to expand your sms_def.mof file to gather the Bitlocker status data that is stored in WMI on your clients.

Insert this at the bottom of
%Program Files%\Microsoft Configuration Manager\inboxes\clifiles.src\hinv\sms_def.mof 

[ SMS_Report (TRUE),

 SMS_Group_Name ("BitLocker Volume Encryption"),
 SMS_Class_ID ("MICROSOFT|BITLOCKER_VOLUME_ENC|1.0"),
 SMS_Namespace (FALSE),
 Namespace ("\\\\\\\\localhost\\\\root\\\\cimv2\\\\security\\\\MicrosoftVolumeEncryption") ]
class Win32_EncryptableVolume : SMS_Class_Template
{
 [SMS_Report (TRUE), key ] string DeviceID;
 [SMS_Report (TRUE) ] string DriveLetter;
 [SMS_Report (FALSE) ] string PersistentVolumeID;
 [SMS_Report (TRUE) ] uint32 ProtectionStatus;
};
[ SMS_Report (TRUE),
 SMS_Group_Name ("Trusted Platform Module"),
 SMS_Class_ID ("MICROSOFT|TRUSTED_PLATFORM_MODULE|1.0"),
 SMS_Namespace (FALSE),
 Namespace ("\\\\\\\\localhost\\\\root\\\\cimv2\\\\security\\\\MicrosoftTPM") ]
class Win32_TPM : SMS_Class_Template
{
 [SMS_Report (TRUE) ] boolean IsActivated_InitialValue;
 [SMS_Report (TRUE) ] boolean IsEnabled_InitialValue;
 [SMS_Report (TRUE) ] boolean IsOwned_InitialValue;
 [SMS_Report (FALSE), key] uint32 ManufacturerId;
 [SMS_Report (TRUE) ] string ManufacturerVersion;
 [SMS_Report (FALSE) ] string ManufacturerVersionInfo;
 [SMS_Report (FALSE) ] string PhysicalPresenceVersionInfo;
 [SMS_Report (TRUE) ] string SpecVersion;
};

Thanks to Panu Saukko for that information.

When your client run Hardware Inventory they will put the information from WMI into the ConfigMgr database. All you need to do is to create a report that gathers the data from it. It just so happens, I have one right here! Create a new report from ConfigMgr and put this into the SQL statement.

SELECT
  v_R_System.Name0,'Chassis'=CASE
 WHEN v_GS_SYSTEM_ENCLOSURE.ChassisTypes0 in ('3','4','6','7','15') THEN 'Desktop'
 WHEN v_GS_SYSTEM_ENCLOSURE.ChassisTypes0 in ('8','9','10','21') THEN 'Laptop'
 END

, v_GS_BITLOCKER_VOLUME_ENC.DriveLetter0, v_GS_BITLOCKER_VOLUME_ENC.ProtectionStatus0 AS 'Protection Status',
                      v_GS_BITLOCKER_VOLUME_ENC.TimeStamp AS 'Inventoried', v_GS_TRUSTED_PLATFORM_MODULE.IsEnabled_InitialValue0 AS 'TPM Enabled',
                      v_GS_TRUSTED_PLATFORM_MODULE.IsActivated_InitialValue0 AS 'TPM Activated', v_GS_TRUSTED_PLATFORM_MODULE.ManufacturerVersion0 AS 'TPM Manuf. Version',
                      v_GS_TRUSTED_PLATFORM_MODULE.SpecVersion0 AS 'TPM Version',v_R_System.managedBy0 AS 'Managed By'
FROM         v_R_System INNER JOIN
                      v_GS_BITLOCKER_VOLUME_ENC ON v_R_System.ResourceID = v_GS_BITLOCKER_VOLUME_ENC.ResourceID INNER JOIN
                      v_GS_TRUSTED_PLATFORM_MODULE ON v_GS_BITLOCKER_VOLUME_ENC.ResourceID = v_GS_TRUSTED_PLATFORM_MODULE.ResourceID
                      INNER JOIN v_GS_SYSTEM_ENCLOSURE on v_R_System.ResourceID =  v_GS_SYSTEM_ENCLOSURE.ResourceID

This will give you a report that looks like this (click to zoom).

Bitlocker Report

So, in other words, you don’t need to run scripts on your clients to inventory Bitlocker information for Windows7. All you need is to expand SMS_Def.mof and create a report.


Liknande artiklar:


Kommentering är avstängd.

News & Events

Fredrik Kämpe utnämnd till AppSense Partner Sales Star of the Year!

april 2015

Vi gratulerar Fredrik Kämpe som på årets AppSense University med 65 partners från 8 länder mottog utmärkelsen Partner Sales Star of the Year! Stort grattis och ...

Fidelity Consulting på Citrix Synergy 2015

april 2015

Våra konsulter inom Citrix samt några av våra kunder kommer åka till årets Citrix Synergy mässa i Orlando. Vi uppdaterar oss inom Mobility och Cloud ...

Mer Nyheter
 

Our Clients

"The best project manager I´ve ever worked with!"
Kari Innanen / Fortum IT services, Finland

"Jim är i första hand en väldigt glad, trevlig och engagerad medarbetare. Som konsult är han mycket kompetent, stresstålig, en suverän idespruta som levererar sina åtaganden med hög kvalitetskänsla."
Karl Florin / Teamleader IBM.

"Fredriks arbete är genomtänkt in i varje detalj. Fredrik är oerhört kunnig, kreativ och trevlig vilket gör honom till ett nöje att samarbeta under längre tidsperioder."
Jonas / Client Delivery Coordinator