Create bitlocker partition using k1000 script
I'm having trouble getting the bdedhcfg.exe to run via k1000 script. I've tried as a "launch program" "run batch". I've tried making a vb script and calling the script as a dependency.
Basically I've been able to us HP bios config to turn on the TPM without a prompt and use a vb script that takes ownership of the tpm and turns on bitlocker. I just can't seem to get a partition generated via kace. I can run my batch files from the pc, but when I script it in kace it fails "bdehdcfg is not a valid cmdlet". I've set up these scripts the same way I used the hpbiosconfig.exe or a simple shutdown through cmd.
Any reccomended partition solutions?
Answers (1)
What user permissions are you running the batch script under when you run it locally? I'd guess you would have to be an administrator to run those commands and by default the K1000 runs scripts as LocalSystem. You would need to use the "run as" feature of an online Kscript to run it as admin.
Do you give the K1000 full file paths when you run it from there? I've seen some instances where the batch file couldn't determine file locations and would error out.
Comments:
-
I've tried changing permissions and using complete file paths. Trying to do it with diskpart.exe and cant seem to get to work either. It reads launching diskpart, but doesnt read the txt file script I've added as a dependency. I specified the location and parameters like this:
$(KACE_SYS_DIR)\diskpart.exe
parameters: /s $(KACE_DEPENDENCY_DIR)\bitlockerpartition.txt > c:\diskpartlog.txt - joe_nismo 11 years ago -
I was able to get it to work as a batch file.. in k1000. I realized I was using the batch file in k1000 to call a batch file in the dependency... and launching as a program didn't work. So it looks like choosing "run a batch file" and type c:\windows\system32\diskpart.exe /s bitlockerpartition.txt > c:\diskpartlog.txt
and have bitlockerpartition.txt as a dependency worked!! THanks - joe_nismo 11 years ago-
You might consider writing a blog here on your script. Others might find that useful. - jknox 11 years ago
-
Well I ran into one more snag. Diskpart does not have a method of putting the boot info bitlocker requires on the partition. bdehdcfg.exe does place this info on the partition.... I will continue to work with Diskpart and see if there is a way to place that boot into on the partition or get bdehdcfg.exe working through kace... Once I have this finished I will blog the script. - joe_nismo 11 years ago