I am looking to use OCSInventory to help automate the audit of BitLocker Status Reporting that we need to do quarterly, however even though I have installed the BitLocker Plugin and pushed both the ps1 and vbs file to the agent, the Bitlocker status remains empty
However, if I run .\OCSInventory.exe /debug /force /xml="C:\temp" from an elevated windows terminal I do see the following in the generated XML:
<BITLOCKERSTATUS>
<DRIVE>C:</DRIVE>
<VOLUMETYPE>OperatingSystem</VOLUMETYPE>
<CONVERSIONSTATUS>Fully Encrypted</CONVERSIONSTATUS>
<PROTECTIONSTATUS>Locked</PROTECTIONSTATUS>
<ENCRYPMETHOD>XTS AES 128</ENCRYPMETHOD>
<INITPROTECT>True</INITPROTECT>
<PROTECTORS>,</PROTECTORS>
<PASSWORDID>{APASSWORD_ID}</PASSWORDID>
<RECOVERYPASSWORD>DRIVE_REC_KEY</RECOVERYPASSWORD>
</BITLOCKERSTATUS>
How to do I go about making sure this gets synced back to my server and ensure this is ran automatically?
Steps I've taken so far:
- Install the Bitlocker Status, Security, UEFI Settings and Winupdate Extensions and restart the server.
- Create a Dynamic Group to Automatically add all Windows Machines to a single group
- Create and Activate a Deployment to push the ps1 and vbs file to C:\Program Files\OCS Inventory Agent\Plugins
- Assign the deployment to the Windows Group
- Install the agent on a Window machine using ".\OCS-Windows-Agent-Setup-x64.exe /server=MY_SERVER_URL /NOW /S"
