Bitlocker Status - Percent Encrypted?

(imported topic written by rwtrotter91)

I’d like to know if anyone has been able to extract % encrypted information from a Windows 7 machine running Bitlocker. I would prefer not to write this to a file and read it from there.

Here is the command to pull it on the system, but I’d like to be able to report on the Percentage Encrypted part. Does anyone have any ideas?

Thanks,

-Robert

C:\WINDOWS\system32>manage-bde.exe -status c:

BitLocker Drive Encryption: Configuration Tool version 6.1.7600

Copyright © Microsoft Corporation. All rights reserved.

Volume C:

OSDisk

OS Volume

Size: 297.80 GB

BitLocker Version: Windows 7

Conversion Status: Fully Encrypted

Percentage Encrypted: 100%

Encryption Method: AES 128 with Diffuser

Protection Status: Protection On

Lock Status: Unlocked

Identification Field: None

Key Protectors:

Numerical Password

TPM

(imported comment written by rwtrotter91)

As you can likely tell by my question I’m new to relevance. I found some WMI information which would be a better way to pull the information. Can anyone help with that?

http://msdn.microsoft.com/en-us/library/aa376433(v=VS.85).aspx

(imported comment written by rwtrotter91)

Here is what I have and what I get.

Q: if (exists wmi) then (string values of selects “ConversionStatus, from Win32_EncryptableVolume” of wmi “root\CIMv2\Security\MicrosoftVolumeEncryption”) else (“N/A”)

E: The expression could not be evaluated: Windows Error: Invalid query

(imported comment written by SystemAdmin)

Give this a try, I don’t have an encrypted volume so I couldn’t test it

if (exists wmi) then (select object "ConversionStatus from Win32_EncryptableVolume" of wmi "root\CIMv2\Security\MicrosoftVolumeEncryption") as string else "<N/A>"

or

if (exists wmi) then ((if (exists (select object "ProtectionStatus from Win32_EncryptableVolume" of wmi "root\CIMv2\Security\MicrosoftVolumeEncryption") whose ((integer value of property "ProtectionStatus" of it = 1) )) then ((select object "ConversionStatus from Win32_EncryptableVolume" of wmi "root\CIMv2\Security\MicrosoftVolumeEncryption") as string) ELSE "Drive Not Encrypted") as string) else "BitLocker Status Undetectable"

(imported comment written by rwtrotter91)

Here is what I get:

Q: if (exists wmi) then (select object “ConversionStatus from Win32_EncryptableVolume” of wmi “root\CIMv2\Security\MicrosoftVolumeEncryption”) as string else “<N/A>”

E: The expression could not be evaluated: Windows Error: Invalid query

Q: if (exists wmi) then ((if (exists (select object “ProtectionStatus from Win32_EncryptableVolume” of wmi “root\CIMv2\Security\MicrosoftVolumeEncryption”) whose ((integer value of property “ProtectionStatus” of it = 1) )) then ((select object “ConversionStatus from Win32_EncryptableVolume” of wmi “root\CIMv2\Security\MicrosoftVolumeEncryption”) as string) ELSE “Drive Not Encrypted”) as string) else “BitLocker Status Undetectable”

E: The expression could not be evaluated: Windows Error: Invalid query

(imported comment written by SystemAdmin)

it sounds like you dont have a “ConversionStatus” object in WMI, check to make sure that object is there…

Q: if (exists wmi "Root\CIMV2\Security\MicrosoftVolumeEncryption") then (string values of selects "ConversionStatus from Win32_EncryptableVolume" of wmi "Root\CIMV2\Security\MicrosoftVolumeEncryption") as string else "<N/A>"
E: The expression could not be evaluated: Windows Error: Invalid query

Q: if (exists wmi "Root\CIMV2\Security\MicrosoftVolumeEncryption") then (string values of selects "ProtectionStatus from Win32_EncryptableVolume" of wmi "Root\CIMV2\Security\MicrosoftVolumeEncryption") as string else "<N/A>"
A: 0
I: plural string

Grab this software, its a great WMI viewer

http://www.hostmonitor.biz/download/wmiexplorer.zip

http://forum.bigfix.com/attachment.php?item=422&download=1