Check if flash drive or external drive are encrypted with bitlocker through kace k1000
I'm trying to create a script to look for external drive that are not encrypted with bitlocker and send a message window telling users to encrypt their drives.
Anyone know if this is doable through Kace K1000?
I know you can send a message window but can't find a way to verify if a machine is using or used an unencrypted drive before sending the message.
Thanks.
Anyone know if this is doable through Kace K1000?
I know you can send a message window but can't find a way to verify if a machine is using or used an unencrypted drive before sending the message.
Thanks.
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
SMal.tmcc
7 years ago
you are better off using a GPO to do this
https://technet.microsoft.com/en-us/library/jj679890(v=ws.11).aspx
you can always use gpedit.msc on a machine, set bitlocker rules how you want, then harvest the keys that it sets and use the k1000 to enforce those
https://technet.microsoft.com/en-us/library/jj679890(v=ws.11).aspx
you can always use gpedit.msc on a machine, set bitlocker rules how you want, then harvest the keys that it sets and use the k1000 to enforce those
Comments:
-
Thanks and sorry for the late reply.
Unfortunately, GPO is not something I can do because they are managed by our corporate site.
I checked gpedit.msc but there doesn't seem to be a way to prompt user if they want to encrypt the drive or not when the user insert a removable drive.
I've been playing with labels in k1000 and was able to put any machine that have an un-encrypted drive into a custom label. A script would run to send a reminder to any machines in that label. This work but it's not always constant since the kace agent only check in every now and then.
I'm hoping for something that could constantly run and just do a simple reminder when a user plug in an unencrypted drive. I've been playing with vbscript and wmi but no luck so far.
Anyway, I appreciate your help. - itnoob 7 years ago
