Detecting encrypted drives?

(imported topic written by BenKus)

Hello,

Is anyone out there using disk encryption software? If so, do you mind running this query and posting or sending me the results and the software you are using?

Q: selects “* from win32_tpm” of wmi “root\CIMV2\Security\MicrosoftTpm”

Ben

(imported comment written by SystemAdmin)

right on time…

I am just now in the process of writing a Task to install disk encryption software and one of the things i need to be able to retrieve is the TPM status (or property list) - the query above returns an error for me ( but then again I don’t have the encryption software installed on my test machine)

Does anyone know how I can retrieve TPM information?

thanks…

ps: I can install the encryption software and then test the above query if need be for you.

(imported comment written by JonFan)

Hi,

On the machines we have tested on, the query returns no information if encryption is not enabled, can you try on a test machine with the software installed?

Thanks,

Jon

(imported comment written by SystemAdmin)

Jon.

I just installed the encryption software, rebooted the machine and ran the above query in the relevance debugger.

Error: Singular expression refers to nonexistent object.

Not sure why that would be the case…

(imported comment written by JonFan)

Hi,

Can you share the name of the encryption software you are using? We might be able to find an alternate detection method.

Thanks,

Jon

(imported comment written by SystemAdmin)

I also get the “Error: Singular expression refers to nonexistent object” when I do this on XP SP2. If I run it on my Vista laptop with Safeboot installed (and encrypted) I get:

A: ManufacturerId=1229346816

A: ManufacturerVersion=1.2

A: ManufacturerVersionInfo=Not Supported

A: PhysicalPresenceVersionInfo=1.0

A: SpecVersion=1.2, 2, 0

Maybe this wmi call does not work properly on XP? The XP system has Safeboot installed - but not encrypted yet. I will find one that is. It might only come back with results when the system is actually encrypted only. Although, would of hoped to have it have results with at least the install in place.

Mike

(imported comment written by SystemAdmin)

I’m using Mobile Armor installed on XP SP2…

Is this the only way anyone knows how to retrieve TPM properties?

-Jim

(imported comment written by SystemAdmin)

Ok - so it appears this wmi call does not work on XP SP2. At least in my environment. Works fine for my Safeboot encrypted Vista laptop though. But if I run the same query on an encrypted XP laptop then I get the “singular expression…” error.

(imported comment written by lmpymilk91)

mgoodnow

Ok - so it appears this wmi call does not work on XP SP2. At least in my environment. Works fine for my Safeboot encrypted Vista laptop though. But if I run the same query on an encrypted XP laptop then I get the “singular expression…” error.

Vista/2008 required

Requirements

Minimum supported client Windows Vista

Minimum supported server Windows Server 2008

MOF Win32_tpm.mof

DLL Win32_tpm.dll

Namespace \.\root\CIMV2\Security\MicrosoftTpm

(imported comment written by rdamours91)

Nice… I’m just starting at looking at writing something to detect encrypted drives and usb keys.

Just getting started

http://msdn.microsoft.com/en-us/library/aa376475(VS.85).aspx