update
This commit is contained in:
113
Windows 10/Activation-BitLocker.ps1
Normal file
113
Windows 10/Activation-BitLocker.ps1
Normal file
@ -0,0 +1,113 @@
|
||||
<#
|
||||
.SYNOPSIS
|
||||
<Overview of script>
|
||||
|
||||
.NOTES
|
||||
Version: 1.0
|
||||
Author: Hubert CORNET
|
||||
Creation Date: <Date>
|
||||
Purpose/Change: Initial script development
|
||||
|
||||
.LINK
|
||||
https://www.tips-of-mine.fr
|
||||
|
||||
.EXEMPLE
|
||||
<Example goes here. Repeat this attribute for more than one example>
|
||||
|
||||
.DESCRIPTION
|
||||
<Brief description of script>
|
||||
|
||||
.PARAMETER <Parameter_Name>
|
||||
<Brief description of parameter input required. Repeat this attribute if required>
|
||||
|
||||
.INPUTS
|
||||
<Inputs if any, otherwise state None>
|
||||
|
||||
.OUTPUTS
|
||||
<Outputs if any, otherwise state None - example: Log file stored in C:\Windows\Temp\<name>.log>
|
||||
#>
|
||||
|
||||
#---------------------------------------------------------[Initialisations]--------------------------------------------------------
|
||||
# Définir l'action d'erreur pour continuer silencieusement
|
||||
$ErrorActionPreference = "SilentlyContinue"
|
||||
|
||||
#----------------------------------------------------------[Declarations]----------------------------------------------------------
|
||||
# Version Script
|
||||
$sScriptVersion = "1.0"
|
||||
|
||||
#Log File Info
|
||||
$sLogPath = "C:\Tmp"
|
||||
$sLogName = "Activation-BitLocker.log"
|
||||
$sLogFile = Join-Path -Path $sLogPath -ChildPath $sLogName
|
||||
|
||||
Start-Transcript -Path $sLogFile -NoClobber
|
||||
|
||||
#-----------------------------------------------------------[Functions]------------------------------------------------------------
|
||||
|
||||
#--------------------------------------------------------[Debut Du Script]---------------------------------------------------------
|
||||
|
||||
cls
|
||||
|
||||
|
||||
# The script may fail because of race condition? Add a sleep :
|
||||
Start-Sleep -Seconds 300
|
||||
|
||||
# Nous detectons si le disque C dispose de BitLocker.
|
||||
# Si la condition n'est pas remplie, nous arretons le script.
|
||||
$CdriveStatus = Get-BitLockerVolume -MountPoint 'c:'
|
||||
|
||||
If ($CdriveStatus.volumeStatus -eq 'FullyDecrypted') {
|
||||
# On execute un systeme de logging. Il ne servira en cas de debuggage
|
||||
New-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -ErrorAction Ignore
|
||||
write-eventlog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Information -Category 1 -Message "BitLocker non detecté sur le disque systeme.`nDémarrage du script." -EventId 1
|
||||
|
||||
# On lance notre BitLocker
|
||||
$result = Enable-BitLocker -MountPoint $env:SystemDrive -SkipHardwareTest -RecoveryPasswordProtector
|
||||
|
||||
If ($result) {
|
||||
# Si BitLocker a bien accepté notre clé
|
||||
Write-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Information -Category 1 -Message "Démarrer le cryptage BitLocker.`nCréer le CSV à extraire.`nCode de sortie de la commande pour BitLocker : $result" -EventId 2
|
||||
|
||||
# On recupere notre clé ici
|
||||
$Key = ([string](Get-BitLockerVolume -MountPoint 'c:').keyprotector.recoverypassword)
|
||||
|
||||
If ($key -match [regex]"[0-9]{6}-[0-9]{6}-[0-9]{6}-[0-9]{6}-[0-9]{6}-[0-9]{6}-[0-9]{6}-[0-9]{6}"){
|
||||
|
||||
Write-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Information -Category 1 -Message "PowerShell a la clé de récupération. Démarrage de la sortie vers le réseau." -EventId 3
|
||||
|
||||
If ($CdriveStatus.volumeStatus -eq 'FullyDecrypted') {
|
||||
$info = $true
|
||||
}
|
||||
Else {
|
||||
$info = $false
|
||||
}
|
||||
|
||||
$result = [PSCustomObject]@{
|
||||
ComputerName = ($env:COMPUTERNAME);
|
||||
Date = (get-date -Format 'dd/MM/yy HH:mm');
|
||||
Result = $info;
|
||||
}
|
||||
|
||||
$result | export-csv -NoTypeInformation -Path "\\swfilevep01\logs$\BitLocker\BitLocker-$($env:COMPUTERNAME).csv"
|
||||
|
||||
Write-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Information -Category 1 -Message "Exportation the CSV file to \\fr.dgs.group\systeme$\Logs\BitLocker\BitLocker-$($env:COMPUTERNAME).csv" -EventId 4
|
||||
}
|
||||
else {
|
||||
# Si nous n'avons pas de clé de récupération, nous exportons un log.
|
||||
$Status = (Get-BitLockerVolume -MountPoint 'c:').volumeStatus
|
||||
|
||||
Write-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Error -Category 1 -Message "PowerShell n'a pas la clé de récupération.`nÉtat du disque : $Status" -EventId 5
|
||||
}
|
||||
}
|
||||
Else {
|
||||
Write-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Error -Category 1 -Message "Nous ne pouvons pas lancer le cryptage.`nCode de sortie de la commande pour BitLocker : $result `nRésultat de Manage-Bde : $verbose `nCommencé par : $($env:USERNAME)" -EventId 6
|
||||
}
|
||||
}
|
||||
Else {
|
||||
New-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -ErrorAction Ignore
|
||||
Write-EventLog -LogName "BitLocker" -Source "GPO - BitLocker" -EntryType Information -Category 1 -Message "Pas entièrement décrypté. Statut: $CdriveStatus.volumeStatus" -EventId 7
|
||||
}
|
||||
|
||||
#---------------------------------------------------------[Fin Du Script]----------------------------------------------------------
|
||||
|
||||
Stop-Transcript
|
||||
Reference in New Issue
Block a user