I am new to bigfix and I am working on a custom analysis that scans machines in our environment looking for drives that were bitlocker enabled and reporting back the following:
Encrypt-able Volumes - Tells what drive is encrypted
Protection Status - Tells whether encryption is off or on
Encryption Method - Tells the encryption type Example: AES 256
Encryption status- Tells whether the drive is fully encrypted or not
The issue is that some computers are reporting everything BUT the encryption method. We have a standard image on our machines, Win 10 64 bit. I have compared the registry entries, on two different machines, that are scanned during the analysis. From what I can see they are exactly the same but one reports the encryption method and the other does not.
tuple string items (integer values of selects ("* from win32_EncryptableVolume") whose(name of it = “EncryptionMethod”) of WMIs “root\CIMv2\Security\MicrosoftVolumeEncryption”) of “N/A, AES 128 With Diffuser, AES 256 With Diffuser, AES 128, AES 256”
Any advice would be much appreciated.