How do you get the BitLocker recovery key ID? This is a question that a colleague of mine asked me. He wanted to get the local BitLocker key and compare it to the one stored in Active Directory. I wrote him this function, which retrieves the protector ID (BitLocker recovery ID), with the possibility to choose which protector type to retrieve.
Note: The function below is the PowerShell equivalent of the command: manage-bde -protectors c: -get
The function is based on the Win32_EncryptableVolume WMI class. It can easily be extended, or even incorporated into other functions or scripts. Find the download link below.
Info: Since the first development of this script, I have written a new cool tool named "BitlockerSAK", for "Bitlocker Swiss Army Knife". The BitLocker Swiss Army Knife allows you to find the BitLocker recovery key ID, but also a lot more neat stuff! You can get more information about BitlockerSAK right here: "Bitlocker Swiss Army Knife"
Download: Download the latest version of the script directly on TechNet right here.

If this function is not what you were looking for, check out my BitLocker encryption function.

Here is the function listing:
Function Get-BitLockerRecoveryKeyId {
    <#
    .SYNOPSIS
    This returns the BitLocker key protector ID.
    .DESCRIPTION
    The key protector ID is retrieved either according to the protector type, or simply all of them.
    .PARAMETER KeyProtectorType
    The key protector type can have one of the following values :
    *TPM
    *ExternalKey
    *NumericPassword
    *TPMAndPin
    *TPMAndStartUpdKey
    *TPMAndPinAndStartUpKey
    *PublicKey
    *PassPhrase
    *TpmCertificate
    *SID
    .EXAMPLE
    Get-BitLockerRecoveryKeyId
    Returns all the IDs available from all the different protectors.
    .EXAMPLE
    Get-BitLockerRecoveryKeyId -KeyProtectorType NumericPassword
    Returns the ID(s) of type NumericPassword
    .NOTES
    Version: 1.0
    Author: Stephane van Gulick
    Creation date: 12.08.2014
    Last modification date: 12.08.2014
    .LINK
    www.powershellDistrict.com
    .LINK
    http://social.technet.microsoft.com/profile/st%C3%A9phane%20vg/
    .LINK
    http://msdn.microsoft.com/en-us/library/windows/desktop/aa376441(v=vs.85).aspx
    #>
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$false,ValueFromPipeLine=$false)]
        [ValidateSet("Alltypes","TPM","ExternalKey","NumericPassword","TPMAndPin","TPMAndStartUpdKey","TPMAndPinAndStartUpKey","PublicKey","PassPhrase","TpmCertificate","SID")]
        $KeyProtectorType
    )
    # Query the BitLocker WMI provider (requires an elevated session)
    $BitLocker = Get-WmiObject -Namespace "Root\cimv2\Security\MicrosoftVolumeEncryption" -Class "Win32_EncryptableVolume"
    # Map the protector type name to the numeric value expected by GetKeyProtectors()
    switch ($KeyProtectorType){
        ("Alltypes") {$Value = "0"}
        ("TPM") {$Value = "1"}
        ("ExternalKey") {$Value = "2"}
        ("NumericPassword") {$Value = "3"}
        ("TPMAndPin") {$Value = "4"}
        ("TPMAndStartUpdKey") {$Value = "5"}
        ("TPMAndPinAndStartUpKey") {$Value = "6"}
        ("PublicKey") {$Value = "7"}
        ("PassPhrase") {$Value = "8"}
        ("TpmCertificate") {$Value = "9"}
        ("SID") {$Value = "10"}
        default {$Value = "0"}
    }
    # Return the protector IDs ("{GUID}" strings) of the requested type
    $Ids = $BitLocker.GetKeyProtectors($Value).VolumeKeyProtectorID
    return $Ids
}
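The comparison described at the top of the post, as an added example that is not part of the original script: it matches the local NumericPassword protector IDs against the msFVE-RecoveryGuid attribute of the computer's msFVE-RecoveryInformation objects in Active Directory, without reading the recovery passwords. It assumes Windows PowerShell in an elevated session, the ActiveDirectory (RSAT) module and read access to those AD objects; the function names and status labels are made up for this example.

```powershell
function Compare-BitLockerRecoveryId {
    # Pure comparison of protector IDs; never touches the recovery passwords themselves.
    param([string[]]$LocalId, [guid[]]$AdRecoveryGuid)

    # VolumeKeyProtectorID strings look like "{GUID}" and cast straight to [guid].
    $local = @($LocalId | Where-Object { $_ } | ForEach-Object { [guid]$_ })

    foreach ($id in $local) {
        $status = if ($AdRecoveryGuid -contains $id) { 'Escrowed' } else { 'MissingInAD' }
        [pscustomobject]@{ ProtectorId = $id; Status = $status }
    }
    foreach ($g in $AdRecoveryGuid) {
        # An AD entry with no local match, e.g. one left over from an earlier protector.
        if ($local -notcontains $g) {
            [pscustomobject]@{ ProtectorId = $g; Status = 'OnlyInAD' }
        }
    }
}

function Test-BitLockerRecoveryEscrow {
    # Live check for the machine this runs on (hypothetical helper name).
    $volumes = Get-WmiObject -Namespace 'Root\cimv2\Security\MicrosoftVolumeEncryption' `
        -Class 'Win32_EncryptableVolume'
    # 3 = NumericPassword, the protector type that is backed up as a recovery password.
    $localIds = foreach ($v in $volumes) { $v.GetKeyProtectors(3).VolumeKeyProtectorID }

    # Recovery information is stored as child objects of the computer account.
    $computer = Get-ADComputer -Identity $env:COMPUTERNAME
    $adGuids = Get-ADObject -SearchBase $computer.DistinguishedName `
        -Filter 'objectClass -eq "msFVE-RecoveryInformation"' `
        -Properties 'msFVE-RecoveryGuid' |
        ForEach-Object { New-Object Guid (,[byte[]]$_.'msFVE-RecoveryGuid') }

    Compare-BitLockerRecoveryId -LocalId $localIds -AdRecoveryGuid $adGuids
}

# Offline demonstration with constructed IDs (not real protector IDs):
# the first is present on both sides, the second only locally, the third only in AD.
Compare-BitLockerRecoveryId `
    -LocalId '{11111111-1111-1111-1111-111111111111}', '{22222222-2222-2222-2222-222222222222}' `
    -AdRecoveryGuid '11111111-1111-1111-1111-111111111111', '33333333-3333-3333-3333-333333333333'
```

A MissingInAD row is the one to act on: that protector has no backup in the directory, so the volume cannot be recovered from AD until the key is backed up again.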