anyone have any luck with reporting on Bitlocker encryption method for example AES 128, AES 256, etc. I have attempted the following code from here but didn’t have much luck ……any help would be great
tuple string items (integer values of selects ("* from win32_EncryptableVolume") whose(name of it = “EncryptionMethod”) of WMIs “root\CIMv2\Security\MicrosoftVolumeEncryption”) of “N/A, AES 128 With Diffuser, AES 256 With Diffuser, AES 128, AES 256”
this is my result when I try this on my current machine…
Q:tuple string items (integer values of selects ("* from win32_EncryptableVolume") whose(name of it = “EncryptionMethod”) of WMIs “root\CIMv2\Security\MicrosoftVolumeEncryption”) of "N/A, AES 128 With Diffuser, AES 256 With Diffuser, AES 128, AES 256"
T: 20.898 ms
selects ("* from win32_EncryptableVolume") of WMIs "root\CIMv2\Security\MicrosoftVolumeEncryption"
Have you tested it across your install base? When I was doing this in the field I would occasionally see weird computers that claimed that WMI namespace didn’t exist or things like that. For what it’s worth, here are those two relevance clauses against a VM I’m running:
q: selects ("* from win32_EncryptableVolume") whose(name of it = "EncryptionMethod") of WMIs "root\CIMv2\Security\MicrosoftVolumeEncryption"
A: EncryptionMethod=0
T: 24.330 ms
I: plural wmi select
q: tuple string items (integer values of selects ("* from win32_EncryptableVolume") whose(name of it = "EncryptionMethod") of WMIs "root\CIMv2\Security\MicrosoftVolumeEncryption") of "N/A, AES 128 With Diffuser, AES 256 With Diffuser, AES 128, AES 256"
A: N/A
T: 14.075 ms
I: plural string
Maybe you could start as simple as exists wmi and/or exists wmi "root\CIMv2\Security\MicrosoftVolumeEncryption"
I am running a similar issue. I am using the same code, HOWEVER some machines are reporting the encryption method and some are not. The ones that are not reporting their encryption method are still reporting that they are encrypted though.